Passwords keep your online accounts clear of prying eyes, but all it takes is one low-level hacker to crack the code and reap the rewards you thought were once secure — especially if your password is based on this cybersecurity study’s results.
A study by payment service provider Dojo analyzed breached passwords around the globe to reveal the most hacked passwords, along with the most guessable categories threat actors commonly break through. TL;DR: stop using pet names and emotions to keep your online accounts secure.
Based on breached passwords from the National Counterintelligence and Security Center (NCSC), the study (via BGR) revealed the top 20 most commonly hacked password categories that everyone should avoid, along with the number of breached passwords that include words or phrases in that category. The list is as follows:
- Pet names/terms of endearment — 4,032
- Names — 3,913
- Animals — 2,112
- Emotions — 1,917
- Food — 1,662
- Colours — 1,450
- Swear words — 1,268
- Actions — 991
- Family members — 723
- Car brands — 606
- Cities — 505
- Brands — 477
- Countries — 463
- Sports — 457
- Religions — 341
- Hobbies — 314
- Weather — 313
- Drinks — 268
- Social media platforms — 253
- Star signs — 204
Pet names and terms of endearment were the most commonly used passwords that threat actors hacked, with the study showing that “Love” (1,492), “Baby” (417) and “Angel” (330) being the three top used passwords around the world. the names category also took the spotlight, with the most frequently hacked names being “Sam” (313), “Anna” (300) and “Alex” (240). You’ll also want to stay clear of using “Dog” (345) or “Cat” (265) in your passwords.
The NCSC data also showed the five most commonly hacked passwords on the internet, and you may be surprised by how many people still use them.
- 123456 — 23.2 million users
- 123456789 — 7.7 million users
- Qwerty — 3.8 million users
- Password — 3.6 million users
- 1111111 — 3.1 million users
Large-scale hacks that can lead to fraud, identity theft, and ransom threats happen frequently, and it doesn’t take much for a hacker to bypass simple passwords. Password managers are a great way to keep your credentials in order. They store all your unique passwords in a secure digital vault that can only be accessed by you, and they can generate strong, random passwords — better than the ones found in this study, anyway.
With Google finding success in pushing two-factor authentication, it’s a good idea to set up 2FA. If you’re wondering how to do 2FA right, we’ve got you covered.
