As easy as 123456 !

Data security breaches have become common place over the last 10 years, so much so that as an industry we have almost become immune to them.

 

However a recent study carried out by a Turkish Security researcher, Ata Hakcil, on password reuse found after analysing over a billion credentials that "123456" was the most commonly used password!

 

That equates to 1 out of every 142 passwords on the internet with an occurrence of 7 million times in the analysed data set.

 

Some other mind boggling and interesting stats revealed that:

 

    • Out of 1 Billion passwords only 169 million were unique

       

 

    • The average password length was 9.48

       

 

    • 29% only used letters

       

 

    • 13% only used numbers

       

 

    • The top 1000 passwords account for over 6% of all passwords

       

 

 

Interestingly a large of number of the passwords were found to have low entropy, even though they appeared to be strong passwords, which leads the researcher to believe that there may be a password manager out there producing passwords with low entropy as default.

 

The full details of the research can be found at the following Github link:

 

Password Research

 

So the key take away is that if you are using 123456 as a password you better change it now!

 

Humans will continue to make poor choices when it comes to inventing new passwords so my advice is:

 

    • Invest in a password manager

       

 

    • Use Multi Factor Authentication wherever possible for any online services 

       

 

 

Above all take the guessing game out of creating passwords so that you don't become the next victim of a data breach.

Leave a Comment