A raft of recent research has once again revealed that many of us are still absolutely terrible when it comes to creating strong password.
This includes a new report from (opens in new tab), ranking entries by how many instances were found, how easy they were to crack, in addition to popularity by country and, where possible, gender.Nordpass, which examined a database that totals over 3TB of compromised passwords and spans users from 30 countries in order to reveal the
Perhaps unsurprisingly, Nordpass found that “password” remains the top choice, with “12345” taking the second spot worldwide.
Weak password trends
The rest of the list is largely comprised of other variants of letters and numbers not-so randomly stuck together, with “quertyuiop” (the top letter row of most English-language keyboards), sitting at rank 36 globally.
Direct comparisons of the Nordpass data show that no one gender is more security conscious than the other, they simply make bad choices differently.
For example, in a comparison of the top ten passwords in the UK, males largely choose the names of football teams (“liverpool”, “arsenal” and “chelsea” are ranked fifth, sixth, and eighth amongst them, respectively), while women picked names (“charlie”, ranked third), places (“london”, seventh), or other outlying nouns (“chocolate” and “monkey”, eighth and ninth).
A separate (opens in new tab) by password management company Specops Software, analysing over 800 million compromised passwords, also reveals that the ongoing FIFA World Cup is impacting password choices, with users opting for the names of international teams, past and present players, and other relevant but common terms.
For example, over 1.3 million instances of “USA” as a password were recorded, while “kane”, for England star Harry Kane, appeared over 133,000 times – and even simply “soccer” appeared over 140,000 times.
Looking at Specops’ data with Nordpass’ gender divide in mind, it may well be offering an insight into password choices made, chiefly, by male users.
Also covering Nordpass’ report, (opens in new tab) found that people have even turned to using the name of their phone manufacturer for its password.
At present, “samsung” is the 78th most popular password in the world, and “googledummy” ranks 145th. spelling trouble for the enormous number of people who swear by the best, and out there.
Keeping all your data secure
If you can pick your password out of a dictionary, atlas, other reference book, or read it off a keyboard, it’s a bad one, as it’ll only take a matter of seconds, minutes, or hours for a threat actor to crack, giving them unfettered access to sensitive data.
Passwords should be unique to you, if not completely randomized by aand stored in a reputable manager.
Consumers should also consider the cutting edge biometric authentication standard, currently built into Apple devices, and implemented for other platforms by and . At time of writing, these alternatives are in open beta and set to arrive in 2023, respectively.
While TechRadar Pro readers may be less likely to make common mistakes when securing their business’ tech stack, it raises uncomfortable questions about consumer security habits, and how that might affect the passwords that employees choose for themselves when offered the choice.
Organizations should also consideras part of a security strategy, eliminating passwords entirely while still ensuring security.