News

New list reveals common online passwords hackers can easily crack

May 24, 2018

Many people use passwords that can be easily guessed.

Online fraud is becoming more and more common, but new research has suggested that we might only have ourselves to blame if our accounts are hacked. In fact, many of us use passwords that can be very easily cracked.

The study, carried out by Virginia Tech University and security firm Dashlane, analysed 61 million leaked passwords to compile a list of the most frequently used passwords of last year. It was revealed that emotionally fuelled phrases such as ‘iloveyou’ and ‘f***you’ were popular choices amongst people selecting their secure login details, as were the names of well-known sporting teams, brands and musicians with many users opting to use pop culture references.

And to make matters worse, the research found that a whopping 52 per cent of us then reuse the same password across a number of accounts making it easier for scammers to access personal details.

Dr Gang Wang, an Assistant Professor in the Department of Computer Science at Virginia Tech, said: “It is difficult for humans to memorise unique passwords for the 150+ accounts the average person has.

“Inevitably, people reuse or slightly modify them, which is a dangerous practice.

“This danger has been amplified by the massive data breaches which have given attackers more effective tools for guessing and hacking passwords.”

LinkedIn and Myspace were two of the most commonly used brand names, while English Premier League teams Liverpool and Chelsea were the most frequently referenced sports teams.

The study also found that many of us use ‘password walking’ to set our passwords, which refers to the use of a series of characters which appear close to each other on the keyboard such as ‘qwerty’ or ‘123456’.

However, these passwords are actually some of the least secure as hackers are aware of the tendency for people to rely on convenience and can easily exploit this when attempting to gain access to personal accounts.

Dashlane offered a list of best practice tips to follow when setting passwords for your online accounts. The security experts recommend using a unique password for every separate account and incorporating a mixture of case-sensitive letters, numbers and symbols.

They also suggest avoiding common phrases or place names, and using a secure Wi-Fi connection to lower your chances of falling victim to hackers.

These findings are backed up by a list that was published earlier this year of the top 10 unsafe passwords that people use online. Top of that list was 123456 followed by Password, 12345678 and Qwerty.