Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Study reveals top 200 most common passwords

The annual study on top-used passwords published by Nordpass revealed that we are still using weak credentials that expose us to serious risks. Nordpass has published its annual report, titled “Top 200 most common passwords,” on the use of passwords. The report shows that we are still using weak passwords. The list of passwords was […]

top-used passwords

The annual study on top-used passwords published by Nordpass revealed that we are still using weak credentials that expose us to serious risks.

Nordpass has published its annual report, titled “Top 200 most common passwords,” on the use of passwords. The report shows that we are still using weak passwords.

The list of passwords was compiled with the support of independent researchers specializing in data breach analysis., the study is based on the analysis of a 4TB database containing passwords across 50 countries.

Most used passwords are still 123456, 123456789, 12345, qwerty, and “password”. Businesses fail to enforce strong passwords, and rarely request employees to enable multi-factor authentication (MFA). 

The report revealed that the most common passwords in 2021 were:

  1. 123456 (103,170,552 hits)
  2. 123456789 (46,027,530 hits)
  3. 12345 (32,955,431 hits)
  4. qwerty (22,317,280 hits)
  5. password (20,958,297 hits)
  6. 12345678 (14,745,771 hits)
  7. 111111 (13,354,149 hits)
  8. 123123 (10,244,398 hits)
  9. 1234567890 (9,646,621 hits)
  10. 1234567 (9,396,813 hits)

Below is the map showing password leaks per capita:

top used passwords

According to the report, a stunning number of people have the bad habit of using their own name as a password. While “Liverpool” might be the most popular team in the world, while “Ferrari” and “Porsche” are the most popular car brands worldwide. 

The “iloveyouis” password is used more by women, in the US, the number of women using it is 222,287 while the number of men using the same password is 96,785.

Below are the password hygiene basics provided by the experts:

  • Use complex passwords containing at least 12 characters and a varied combination of upper and lowercase letters, numbers, and symbols. Password generator could be easily generate them.
  • Never reuse passwords for multiple accounts.
  • Regularly update passwords, experts recommend changing passwords every 90 days.
  • Check password strength
  • Check password strength – regularly assess your password health. Identify weak, reused, or old passwords and fortify your online security with new, complex ones.
  • Use a password manager.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, top-used passwords)

[adrotate banner=”5″]

[adrotate banner=”13″]