As parents have been telling their children since time immemorial, being popular isn’t always a good thing. For example, if you’re using a password that is popular with many people around the world, you’re setting yourself up to be breached. Cybercriminals already know about these passwords, as they’ve all appeared in the many large data breaches that have occurred in the last few years.
Last year, the UK’s National Cyber Security Centre (NCSC) released most used passwords. Here are the first 10:
Just how common are these passwords? According to the article, as of April 2019, the password “123456” appeared 23.2 million times in public data breaches, “123456789” was found 7.7 million times, and “qwerty” showed up 3.8 times.
Let’s say you know better than to use a simple numerical or keyboard sequence. Instead, you decide to use your child or spouse’s name, the name of your favorite band, or a pop culture reference. That’s not going to keep you safe, either; cybercriminals are just as aware of these “clever” passwords as they are of “abc123.” As of last April, “ashley” made an appearance in a public data breach 432,276 times, and “michael” was found 425,291 times. Other popular passwords included “blink182” (285,706 times), “metallica” (140,841 times), and “superman” (333,139 times).
It pays for your password to be unpopular
What type of passwords are absent from the world’s most popular passwords list? Strong passwords, which are:
- At least six characters long (preferably longer)
- A random combination of letters, numbers, and symbols (which means no names, dictionary words, or pop culture references)
- Both uppercase and lowercase letters
You should also enable two-factor authentication (2FA) whenever it’s available, and never reuse passwords across accounts.
Coming up with strong, unique passwords for all of your apps and accounts, and remembering all of them, is a difficult task. That’s why so many people end up throwing their hands in the air and using “qwerty,” “123456,” or a simple name or dictionary word.
There’s no need to put yourself at risk. Keeper’s top-rated password manager generates high-strength random passwords for all your sites and apps and stores them for you in a personal, encrypted digital vault, which you can access from all of your computers and mobile devices. You’ll never lose or forget another password again.