If you stop and think about your online presence, just think how many different sites and apps you log into on a daily basis – each needing a unique username and password.
Let’s be honest, most of us use a username that’s also our email address, so for the cyber criminal that’s half the battle won. The next is a password, which should be hard to guess and different for every login. However, most times, it’s not.
I use a password manger to take care of this task for me. My choice is LastPass, meaning I only have to remember one password and the service takes care of everything else. Other password managers are available of course.
Well, according to a survey carried out by the UK’s National Cyber Security Centre (NCSC), the most widely-used password was “123456” on breached accounts.
The NCSC said…
People should string three random but memorable words together to use as a strong password.
Top of the list, as mentioned, was was 123456, appearing in more than 23 million passwords. That’s a pretty shocking amount of people using a really standard and non-secure password. Meanwhile, the second-most popular string, 123456789, was perhaps just as bad.
Others in the top five included “qwerty”, “password” and 1111111.
The most common name used was “Ashley”, followed by “Michael”, “Daniel”, “Jessica” and “Charlie”. If that’s one of yours, best change it. Also, there’s a number of football teams mentioned in guessable passwords. Liverpool are champions and Chelsea are second. Blink-182 topped the charts of music acts.< People who use well-known words or names for a password put themselves people at risk of being hacked, said Dr Ian Levy, technical director of the NCSC...
Nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.
The survey also found that 42% of people expected to lose money to online fraud and only 15% said they felt confident that they knew enough to protect themselves online. Fewer than half of those questioned used a separate, hard-to-guess password for their main email account.