If you use “123456”, “password” or “qwerty” as a password, you are probably aware that you are vulnerable to hackers. But you’re not alone either – these are three of the top ten most common passwords in the world, according to a new report.
In partnership with independent researchers, the NordPass password management service matched millions of passwords into a dataset to identify the 200 most commonly used passwords in the world in 2021.
They analyzed the data and presented results in 50 countries, looking at how popular different elections are in different parts of the world. They also looked at trends in gender passwords.
The results show that the choice of passwords is often related to cultural references. For example, people from several countries are inspired by their favorite football team. In the United Kingdom, liverpool was the third most popular password with 224,160 visits, while the name of the Chilean football club colocolo was used by 15,748 people in Chile, making it the fifth most common choice.
In some countries, religion-related passwords were popular. For example, “Christ” was the 19th most frequently used password in Nigeria, used 7,169 times. Meanwhile, “bismillah,” an Arabic phrase meaning the name of Allah, was used by 1,599 people in Saudi Arabia, the 30th most common choice.
The report also reflects gender differences. Women tend to use more positive and gentle words and phrases such as “sun” or “iloveyou”, while men often use sports-related passwords. In some countries, men use more swear words than women.
While music-themed passwords were popular with both sexes, choices such as “onedirection” or “justinbieber” were more popular with women, while men preferred groups such as “metallica” and “slipknot.”
Choose long and complex passwords
Passwords remain the primary authentication mechanism for computers and network products and services. But we know that people continue to choose weak passwords and often do not manage them securely, leaving themselves vulnerable to online security threats.
Weak passwords are easy to guess and can be cracked with minimal difficulty by attackers who use rough methods (trying all combinations of letters, numbers and symbols to find a match). They are also easy targets for a vocabulary attack, which is a systematic method used by attackers to guess a password by trying very common words and variations of them.
To address the security issues associated with password-based authentication systems, researchers and developers are now focused on creating authentication systems that don’t count of passwords at all.
Meanwhile, two-factor authentication (2FA) or multifactor authentication (MFA) methods are a good way to protect your accounts. These methods combine a password with biometric information (such as a face scan or fingerprint) or something you have, such as a token.
You can create a password that is both strong and memorable by combining three random words. Machine generated passwords they are also difficult to guess and are less likely to appear in the dictionaries of passwords used by attackers.
But of course, all this is easier said than done. One of the challenges we face in today’s digital age is password overload. And it can be difficult to remember complex passwords, especially machine-generated ones.
Therefore, it is a good idea to use a trusted password manager for this purpose. Relying on your web browser to remember your passwords is less secure – attackers can exploit browser vulnerabilities to access stored passwords.
NordPass’s findings, although not published in a peer-reviewed journal, are consistent with what we know from similar lists posted elsewhere – that the most popular passwords are weak.
Hopefully, if you see any of your passwords on this list, it will be a boost to change it to something stronger. Ethical hackers – people who work to prevent hacking of computers and networks – can also use these insights for good. On the other hand, we must recognize the possibility of hackers using this information to target password attacks. This should be another reason to strengthen your passwords.