Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Password Hacks as Simple as 1-2-3-4-5-6

Even after tens of millions of people had online accounts hacked, many Internet users still rely on easily guessed passwords.

A report released by the online security firm SplashData on Tuesday found the most commonly used by global Internet users were “123456” and “password” in 2015 — unchanged since 2011.

Even after tens of millions of people had online accounts hacked, many Internet users still rely on easily guessed passwords.

A report released by the online security firm SplashData on Tuesday found the most commonly used by global Internet users were “123456” and “password” in 2015 — unchanged since 2011.

The fifth annual report by SplashData was compiled from more than two million leaked passwords during the year, and showed little change.

Despite the introduction of some new and longer passwords required by some websites, “the longer passwords are so simple as to make their extra length virtually worthless as a security measure,” the company said in a blog post.

Among other top passwords were “12345678,” “qwerty,” “12345” and “123456789,” according to the report.

Other popular password are based on standard keyboard patterns like “1qaz2wsx” (first two columns of main keys) or “qwertyuiop” (top row of keys) but are “based on simple patterns that would be easily guessable by hackers,” SplashData said.

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” said SplashData chief executive Morgan Slain.

“As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.”

Advertisement. Scroll to continue reading.

The epidemic of hacking has led some online companies to start moving away from passwords, and employing other verification methods such as biometrics.

Fingerprint readers have become more popular on mobile devices and other firms use face or iris recognition.

Some sites are moving to “two factor” authentication which require users to receive a code on a mobile device.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...