February 15, 2017 by

Most Common Passwords Found In Data Breaches

Creating a strong password is one of the fundamental ways to keep your account safe. A strong password can help reduce the chances of your private information being stolen, whereas a weak password is easy to break and use in a malicious manner. In 2016, the most common password was 123456. If this is your password, change it now. Each year the number of data breaches and stolen identities increases. By using simple passwords like 123456 or password, you are helping the attacker steal your information. All of the most common passwords of 2016 required no mental effort to crack. According to Keeper Security, out of the 10 million passwords analyzed, over 50% of them consisted of 25 passwords, listed below. If you are using any of these passwords, it is important that you change them, because you can be compromised within seconds.

The weakness of a password depends on human memory. Most users have multiple accounts across different platforms: email accounts, online banking, or social media accounts. CEO of Keeper Security, Darren Guccione, says, “The average person has 19 passwords to keep track of, but 1 in 3 are not nearly strong enough”. Human memory is at the center of weak passwords. The number of passwords that can be memorized is limited to only a few items, which is why users take shortcuts to try to memorize their passwords, such as using common passwords, short passwords, or personal information. Attackers are aware of these shortcuts and patterns in passwords when they break them.

To avoid attacks, you should never reuse your password across your accounts, because once the attacker has access to one account, the attacker has access to all your accounts. You should remember to change your password every 60-90 days.

The following is recommended when creating a strong password: 

  • Do not use personal information such as birthdays, pet names, a child’s name, or addresses
  • Do not use any dictionary words or phonetic words
  • Do not repeat characters or use sequences (1,2,3) or (abcd)
  • Your passwords should be at least 12 characters long, and 18 characters long for accounts that require higher security, such as banking accounts
  • Make sure you have both uppercase and lowercase letters, 1-2 numerals, and special characters
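
The checklist above, expressed as a checker (an added example, not code from the original article). The three-character threshold for repeats and sequences, the keyboard rows, and all function names are assumptions; the dictionary-word rule is left out because it needs a word list, and the blocklist holds only a few entries from the top-25 list on this page.

```python
import string

# A few entries from this page's top-25 list; a real check would load a full breach corpus.
COMMON = {"123456", "123456789", "qwerty", "password", "1q2w3e4r", "zxcvbnm", "google"}
# Runs searched for sequences: digits, alphabet, keyboard rows (assumed set).
RUNS = ["0123456789", string.ascii_lowercase, "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def has_sequence(pw, n=3):
    """True if pw contains n consecutive characters of a run, forward or reversed."""
    low = pw.lower()
    for run in RUNS:
        for seq in (run, run[::-1]):
            for i in range(len(seq) - n + 1):
                if seq[i:i + n] in low:
                    return True
    return False


def has_repeat(pw, n=3):
    """True if any character appears n or more times in a row."""
    return any(pw[i:i + n] == pw[i] * n for i in range(len(pw) - n + 1))


def check_password(pw, personal=(), high_security=False):
    """Return the checklist rules that pw violates (an empty list means it passes)."""
    problems = []
    min_len = 18 if high_security else 12  # 18 for banking-style accounts
    if len(pw) < min_len:
        problems.append(f"shorter than {min_len} characters")
    if pw.lower() in COMMON:
        problems.append("on the common-password list")
    if any(p and p.lower() in pw.lower() for p in personal):
        problems.append("contains personal information")
    if has_repeat(pw):
        problems.append("repeated characters")
    if has_sequence(pw):
        problems.append("keyboard or counting sequence")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs both uppercase and lowercase letters")
    if not any(c.isdigit() for c in pw):
        problems.append("needs a numeral")
    if not any(c in string.punctuation for c in pw):
        problems.append("needs a special character")
    return problems
```

Pass the user's own names, dates and addresses in `personal` so the first rule of the checklist can be enforced at signup or password change.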

When creating a strong password, consider using a long phrase, such as Lifarsyourdigitalworldsecured. To make it even stronger, you can replace letters with special characters, such as changing a to @, s to $, or o to 0, so it would look like this: Lif@r$y0urdigit@lw0rld$ecured. You can also find a sentence that is easy to remember and use the first character of each word, so “I grew up in Queens, New York. I lived on 74-39 Fake Street and had a pet fish.” would become IguiQ,NY.Ilo73FSahapf. If you have a hard time making a strong password, it is recommended to use a password management application. This application can help you create and store strong passwords, protected with one strong master password. These types of applications are safer than writing down your passwords and help keep you protected. Using these tips will help protect you and your information.

Top 25 Most Commonly Used Passwords

  • 123456 
  • 123456789
  • qwerty
  • 12345678
  • 111111 
  • 1234567890
  • 1234567
  • password
  • 123123
  • 987654321
  • qwertyuiop
  • mynoob
  • 123321
  • 666666
  • 18atcskd2w
  • 7777777
  • 1q2w3e4r
  • 654321
  • 555555
  • 3rjs1la7qe
  • google
  • 1q2w3e4r5t
  • 123qwe
  • zxcvbnm
  • 1q2w3e

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
