If you use “123456”, “password” or “qwerty” as a password, you’re probably aware that you’re leaving yourself vulnerable to hackers. But you’re also not alone – these are three of the top ten most common passwords around the world, according to a new report.
In partnership with independent researchers, password management service NordPass compiled millions of passwords into a dataset to determine the 200 most commonly used passwords around the world in 2021.
They analyzed the data and presented results across 50 countries, looking at how popular various choices were in different parts of the world. They also looked at password trends by gender.
The findings show password choices are often attached to cultural references. For example, people across several countries take inspiration from their favorite football team. In the UK, “liverpool” was the third most popular password, with 224,160 hits, while the name of Chilean football club “colocolo” was used by 15,748 people in Chile, making it the fifth most common choice.
In some countries passwords relating to religion were popular. For example, “christ” was the 19th most common password used in Nigeria, used 7,169 times. Meanwhile, “bismillah”, an Arabic phrase meaning in the name of Allah, was used by 1,599 people in Saudi Arabia – the 30th most common choice.
The report also reflected differences between genders. Women tend to use more positive and affectionate words and phrases such as “sunshine” or “iloveyou”, while men often use sports-related passwords. In some countries, men use more swear words than women.
While music-themed passwords were popular across both genders, choices like “onedirection” or “justinbieber” were more popular among women, whereas men favored bands such as “metallica” and “slipknot”.
Choose long and complex passwords
Passwords remain the main authentication mechanism for computers and network-based products and services. But we know people continue to choose weak passwords and often don’t manage them securely, leaving them vulnerable to online security threats.
Weak passwords are easy to guess and can be cracked with minimal difficulty by attackers using brute-force methods (trying all letter, number, and symbol combinations to find a match). They are also easy targets for a dictionary attack, which is a systematic method attackers use to guess a password, trying many common words and variations of these.
To overcome the security issues associated with password-based authentication systems, researchers and developers are now focused on creating authentication systems which don’t rely on passwords at all.
In the meantime, two-factor authentication (2FA) or multi-factor authentication (MFA) methods are a good way to secure your accounts. These methods combine a password with biometrics information (for example, a face scan or fingerprint) or something you have, like a token…Read more>>