    Welcome to the FlexiDB blog.  Read all the latest news about FlexiDB, the software, demo sites, exhibitions et cetera.

    The most popular passwords of 2016 are painfully easy to guess

    25th January at 2:15pm BST

    2016 was a difficult year for cyber security. The public were made aware of several large-scale security breaches, including data surfacing from hacks that took place years ago, the theft of personal information of half a billion Yahoo users, the celebrity iCloud leak scandal, and 40,000 Tesco Bank customers losing money from their accounts.

    Despite our growing knowledge of security holes, researchers at Keeper, a secure password manager and digital vault, have revealed that 63% of data breaches are due to weak, default or stolen passwords, and 60% of people use the same password for everything.

    The researchers have gone further than simply telling us about the poor security choices commonly made. They’ve shown us exactly how bad they are by releasing data on 10 million passwords that became public through data breaches during 2016.

    Advice about creating secure and unique passwords seems to have been largely ignored, with “123456”, “123456789”, and “qwerty” coming first, second and third for the most popular choices.

    Within the top 10 passwords on the list, four contained six characters or fewer, making them vulnerable to password-cracking software. Some passwords were predictable (“111111”) and others were unpredictable but used sequential key variations that were easy to crack (“1q2w3e4r”).

    The biggest conclusion we can gather from the findings is that these popular passwords are pretty easy to crack:

    1. 123456

    2. 123456789

    3. qwerty

    4. 12345678

    5. 111111

    6. 1234567890

    7. 1234567

    8. password

    9. 123123

    10. 987654321

    11. qwertyuiop

    12. mynoob

    13. 123321

    14. 666666

    15. 18atcskd2w

    16. 7777777

    17. 1q2w3e4r

    18. 654321

    19. 555555

    20. 3rjs1la7qe

    21. google

    22. 1q2w3e4r5t

    23. 123qwe

    24. zxcvbnm

    25. 1q2w3e
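
A sign-up form can screen for the weaknesses described above. The following is an added example, not code from Keeper or from this blog: it checks a candidate against the 25 listed passwords and generalises the patterns the article names (short length, one repeated character, keyboard and digit sequences). The function names are hypothetical and a standard QWERTY layout is assumed.

```python
from functools import lru_cache

# The 25 most popular passwords of 2016, as listed in the article.
COMMON_2016 = frozenset(
    "123456 123456789 qwerty 12345678 111111 1234567890 1234567 password "
    "123123 987654321 qwertyuiop mynoob 123321 666666 18atcskd2w 7777777 "
    "1q2w3e4r 654321 555555 3rjs1la7qe google 1q2w3e4r5t 123qwe zxcvbnm "
    "1q2w3e".split()
)
# Assumption: standard QWERTY layout; other layouts need their own rows.
ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def _is_run(s):
    """True if s (3+ chars) is a slice of one keyboard row, in either direction."""
    return len(s) >= 3 and any(s in row or s[::-1] in row for row in ROWS)


@lru_cache(maxsize=None)
def _chain_of_runs(s):
    """True if s splits entirely into row runs, e.g. '123' + 'qwe' or '123' + '321'."""
    return not s or any(
        _is_run(s[:n]) and _chain_of_runs(s[n:]) for n in range(3, len(s) + 1)
    )


def _zigzag(s):
    """True for walks that alternate between two rows, e.g. '1q2w3e4r'."""
    return _is_run(s[0::2]) and _is_run(s[1::2])


def weaknesses(password):
    """Return the reasons a candidate password should be rejected (empty if none)."""
    p = password.lower()  # conservative: 'Password' is treated like 'password'
    reasons = []
    if p in COMMON_2016:
        reasons.append("on the 2016 most-popular list")
    if len(p) <= 6:
        reasons.append("six characters or fewer")
    if p and len(set(p)) == 1:
        reasons.append("one repeated character")
    if p and (_chain_of_runs(p) or _zigzag(p)):
        reasons.append("keyboard or digit sequence")
    return reasons


if __name__ == "__main__":
    for candidate in ("123456", "1q2w3e4r", "18atcskd2w", "correct horse battery staple"):
        print(f"{candidate!r}: {weaknesses(candidate) or 'no listed weakness'}")
```

Entries such as “18atcskd2w” match no pattern and are caught only by the list lookup, which is why the deny-list and the pattern checks are used together.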

    There have been some high-profile password slip-ups over recent years, too:

    1) Drake and Katy Perry

    Dozens of celebrities including Drake and Katy Perry recently suffered Twitter hacks because they used the same passwords from their old MySpace accounts. The lesson here is: don’t use the same password for years across multiple accounts!

    2) Houston Astros

    When the Houston Astros, a Major League Baseball team, had their online database of player statistics hacked by a former executive of the St. Louis Cardinals, the hacker used the password of another former Cardinals employee who had recently joined the Astros. Clearly, it’s not the best idea to use passwords from your old employment in your new job.

    3) Harry Redknapp

    When Harry Redknapp, English football manager and former player, was on trial for tax evasion, he revealed his Monaco bank account password was the name of his dog and the year of his birth. He then quipped, “I’d better change it now!”

    Here are a few tips to help protect against increasingly sophisticated cyber threats:

    Experts recommend using different passwords for different services. It can get pretty difficult to remember, but it means that if one of the systems you use is hacked, your other accounts won’t be at risk.

    Two-factor authentication is a great way to keep your accounts secure. It makes you less vulnerable because, unless a hacker has access to your phone, it won’t matter if they break your password.

    Our message to the 17% who used the most common password “123456” (that’s right, all 1.7 million of you) is that it’s probably (read: definitely) time to change your password. This time, try to choose something that’s difficult to guess!