The research shows people use simple and easy-to-remember passwords due to convenience. They also like categories, such as swear words, numbers, names, and food. Password manager NordPass says using simple words out of the dictionary or number combinations make passwords too easy to crack. Its list of the 200 most common passwords for online accounts in 2020 was released after a review of nearly 275.7 million passwords. Check out the complete list here
Among the 200 most commonly used passwords this year, "123456" took first place, used by more than 2.5 million people, and exposed more than 23 million times in data breaches, according to NordPass's research. In second place was "123456789," used by more than 961,000 people and exposed more than 7.8 million times in breaches.
Creating and managing a strong and unique password for each account is impossible without some type of help. And using the same weak passwords across the board exposes you to a greater risk of your accounts being compromised. As for words, a new password, "picture1" joined the list of common passwords, ending up in third place. In fourth place was "password." In the 10th spot was "senha," which is new to the list and means password in Portuguese.
Company advises !
NordPass said if you're not using a password manager, you should create a unique one for each account and make them long — don't settle for anything shorter than 12 characters, and use a mix of upper- and lowercase letters, numbers and symbols. It said you should change your passwords at least every 90 days.
Tips for managing passwords
In its report, NordPass provided a few tips for managing your passwords and your cybersecurity.
1. Create a strong password
Never reuse passwords across multiple accounts. Create a unique one for each account and make it long. Don't settle for anything shorter than 12 characters, even more, if you can. Use a mix of upper- and lower-case letters, numbers, and symbols to significantly lower the risk of getting your passwords cracked. Also, make sure to change your passwords at least every 90 days. To create a complex, robust password, take advantage of a Password Generator.
2. Avoid a weak password
Avoid using dictionary words, number combinations, or strings of adjacent keyboard combinations. For instance, "password," "qwerty," and "123456" are terrible passwords as they are too easy to crack. Also, refrain from repetitive characters, such as "aaaa" or "123abc." Under no circumstances choose passwords based on personal details that might not be completely confidential, such as your phone number, birth date, or name.
3. Try password salting
Add random characters to your password before you use it. You can learn more about password salting at this NordPass blog post from August 2020.
4. Delete the accounts
you no longer use and regularly check the ones you do for suspicious activity.
5. Use two-factor authentication when possible
Use a password manager & Memorizing a number of random, complex passwords, and having to manually type them every time is no picnic.
Biggest reasons for these mistakes
Intelligence agencies warn that hacking attacks against governments are becoming more sophisticated. NordPass stated that less than half (78%) of the passwords on the 2020 list are new. Research shows that because of convenience, people use simple and easy-to-remember passwords, as well as swear words, numbers, names, and food.
The lesson to learn ?
"Your weak password can be used for credential stuffing attacks, where the breached logins are used to gain unauthorized access to user accounts," Hammond said. "If you fall victim to a credential stuffing attack, you might lose your Facebook or another important account with all its content. Also, your email address could be used for phishing attacks or for scamming your family and friends, who may very well fall for it, as the email will supposedly be coming from you."