World's dumbest passwords: Is yours on the list?

Author
Joe Pinkstone for Daily Mail ,
Publish Date
Thu, 24 May 2018, 10:21AM
Your go-to password might be putting your private information at risk of a security breach. (Photo \ 123RF)
Your go-to password might be putting your private information at risk of a security breach. (Photo \ 123RF)

World's dumbest passwords: Is yours on the list?

Author
Joe Pinkstone for Daily Mail ,
Publish Date
Thu, 24 May 2018, 10:21AM

Despite hacks and data breaches becoming commonplace, it seems most people are still picking a password based on convenience rather than security.

A study of 61 million leaked passwords by Virginia Tech University and security firm Dashlane has revealed the most common passwords of the last year.

It found that emotionally fuelled phrases such as 'f***you' and 'iloveyou' are often chosen by users when setting a password for an online account.

Predictably, the likes of 'qwerty' and '123456' also rank high on the list.

The list of leaked passwords also suggest people often turn to their favourite brands, films, music, pop culture icons, and football teams when looking for inspiration.

Dr Gang Wang from Virginia Tech partnered with password manager software Dashlane to compile the list of 2017's most popular passwords.

After looking at 61 million leaked passwords, the researchers found people had a tendency to opt for familiarity over security. Photo/Daily Mail.
After looking at 61 million leaked passwords, the researchers found people had a tendency to opt for familiarity over security. Photo/Daily Mail.

After analysing 61.5 million passwords leaked from 107 online services over the last eight years, Dr Wang discovered that 52 per cent of users re-use passwords between their online accounts.

Dr Wang said: 'It is difficult for humans to memorise unique passwords for the 150+ accounts the average person has.

'Inevitably, people reuse or slightly modify them, which is a dangerous practice.

'This danger has been amplified by the massive data breaches which have given attackers more effective tools for guessing and hacking passwords.'

The study also found users often favoured phrases around love, with 'beautiful', 'lovelove' and 'iloveyou' ranking highly in the list.

Another common theme was vulgarity, with the likes of 'bulls***' and 'f***off' both used frequently enough to make the top 10.

LinkedIn and MySpace were two of the top three brands used as passwords, ranked first and third respectively, despite both experiencing sizeable breaches in 2016.

The second most popular brand name was American muscle car 'Mustang'.

Pop culture references were abundant and included superheroes, bands and films, including 'superman', 'greenday' and 'starwars' all commonly used.

Champions league football teams also made up a relatively large portion of people's passwords, with finalists Liverpool beating out FA cup winners Chelsea for the most commonly used team name.

Researchers also uncovered a high frequency of passwords which contained a combinations of letters, numbers and symbols adjacent to one another on the keyboard.

This practice, known as 'Password Walking', is well-known to hackers and far from secure.

As well as the obvious examples of this (qwerty and 12345), there are some more convoluted patterns, which include: 1q2w3e4r, 1qaz2wsx, 1qazxsw2, zaq12wsx, !qaz2wsx and [email protected]

Dashlane has released some advice for users who want to improve the quality of their password.

The New York-based security company recommends creating a unique password for every online account which avoids common phrases, slang, places or names.

According to Dashlane, these passwords should always exceed the minimum eight characters, and include a mixture of case-sensitive letters, numbers, and special symbols.

- Daily Mail