Your name, your favorite football team or simply 123456.
The UK’s National Cyber Security Centre has released a list of the 100,000 most common passwords to appear in data breaches in an effort to encourage users to select strong passwords.
The results show a huge number of regularly used passwords breached to access sensitive information.
The password ‘123456’ has been found 23 million times in the breaches that collected. You might think that choosing a more complex password such as ‘oreocookie’ is better, but even that has been seen over 3,000 times.
Liverpool was the most used football team, Ashley the most common name, Blink182 the most used band and superman the most used fictional character
7.7 million users went the whole hog and used almost all the numerical keys, opting to use ‘123456789’ as their password.
The polling was independently carried out on behalf of the National Cyber Security Centre (NCSC), a part of GCHQ, and Department for Digital, Media and Sport (DCMS).
The findings, released ahead of the NCSC’s CYBERUK 2019 conference in Glasgow this week, will inform government policy and the guidance offered to organisations and the public.
Dr Ian Levy, NCSC Technical Director, said:
“We understand that cyber security can feel daunting to a lot of people, but the NCSC has published lots of easily applicable advice to make you much less vulnerable.
“Password re-use is a major risk that can be avoided – nobody should protect sensitive data with somethisng that can be guessed, like their first name, local football team or favourite band.
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”