IN a recent study, database experts at Red9 have unearthed alarming revelations regarding the widespread usage of easily exploitable passwords online. These vulnerabilities could potentially lead to identity theft, social media account takeovers, and even financial losses.
The research, conducted by analysing data from the widely-used website www.HaveIBeenPwned.com, identified the ten most frequently leaked passwords. Topping the list is the alarmingly simple “123456,” which appeared a staggering 42,542,897 times in data breaches. In total, the top ten passwords accounted for a shocking 196,540,378 breaches.
Surprisingly, among the predictable numerical sequences, the study found unexpected entries like “1q2w3e,” a seemingly random combination that actually reflects the first six adjacent keys on a standard computer keyboard.
Notably, the study revealed that six-character passwords were the most common, comprising 91,644,362 of all breached passwords. Passwords with eight characters followed closely behind, appearing 35,083,201 times in breaches.
Mark Varnas, founder of Red9, emphasised the urgent need for improved password security practices. He stressed the importance of using a combination of uppercase and lowercase letters, numbers, and special characters, while avoiding easily guessable information such as names and birthdays. Varnas also recommended regularly updating passwords and refraining from using identical ones across multiple accounts to strengthen defences against potential security threats.
The top 10 most leaked passwords, along with the number of times they appeared in data breaches, are as follows:
- 123456 (42,542,807)
- 123456789 (18,313,580)
- qwerty (10,713,794)
- password (10,382,543)
- 12345678 (6,901,438)
- 111111 (5,070,941)
- qwerty123 (4,880,569)
- 1q2w3e (4,486,025)
- 1234567 (4,351,342)
- 1234567890 (4,130,502)
