By Amber Steel at LogMeIn, Inc.

Think your passwords are hacker-proof? We all know passwords matter when it comes to online security, but in reality, 65% of us still use the same or similar passwords everywhere. Though the most-used passwords may differ from country to country, Internet users worldwide are notorious for poor password choices. So if you want to make your passwords hard to guess and harder to crack, you’ll need to avoid the most hacked passwords and create a strategy for better password security.

Most hacked passwords are common across English-speaking countries

Millions of people are still using the most hackable passwords in the US, the UK, Australia, and other countries where English is the predominant language.

New studies show that common keyboard patterns like “1234,” “qwerty,” and “asdf” are still popular password choices among English speakers. Names – both given names and those of famous fictional characters – are another top pick. Superheroes, sports teams, cities, countries, and pet names are also frequently used as passwords.

In other words, when English speakers are choosing passwords, they turn to the words that are easy to type, easy to remember or describe some aspect of their daily life. Of course, given the number of passwords people have to remember and the frequency with which they need to enter them every day, it’s unsurprising people use these words repeatedly. Still, those password choices have a damaging effect on their overall cybersecurity.

Non-English speaking countries use guessable passwords, too

Poor password choices aren’t unique to English-speaking countries, but the popular passwords in non-English speaking countries vary based on country-specific phrases, pop culture, and regional dialects.

In China, numbers are used in passwords more often than in English-speaking countries. Simple number sequences like “111111,” “123123,” and “5201314” (which resembles a phrase in Mandarin Chinese) are top choices. Phone numbers and birth dates also appear to be more frequently used in passwords created by Chinese Internet users.

Numbers aren’t always better, though. When used on their own, passwords made from just numbers are easier to guess due to fewer possible combinations of the ten digits 0-9. However, when passwords use a combination of letters and numbers, the number of possible configurations increases significantly. As a result, the time required to crack passwords also increases. Consequently, though Chinese passwords using number sequences are more hackable than many top passwords from English-speaking countries, passphrases created by Chinese users prove more resistant to hacking than most passwords created by English speakers.

These poor password choices persist in other non-English speaking countries. “Hello” is a popular choice everywhere (in the local language). When looking at password lists comparing the US, France, Germany, Spain, Italy, and Russia, the password choices are remarkably similar – keyboard patterns, names, and sports teams top the lists. Alarmingly, because many web services use English-based standards for evaluating the strength of passwords, they often miscalculate non-English passwords as being stronger than they are.

How to avoid the most hacked passwords

While it’s amusing that poor password choices appear to be a universal phenomenon, we should all be taking steps to reduce our risk of being hacked or becoming a victim of cybercrime.

Why are these passwords trouble? When millions of people use the same passwords, it’s that much more likely that a hacker will successfully guess the correct password when trying to take over an account. Hackers can compile large databases of those popular passwords and make repeated attempts to crack a user’s account. The weaker the password, the fewer attempts required to successfully guess the correct password.

Internet users worldwide should avoid keyboard patterns, names, dates, and any other password based on common words or phrases. Basically, anything found in a dictionary or popularized in the country’s culture are a no-no. Instead, the best passwords are passphrases that combine multiple words. Passphrases can be made stronger by using uppercase and lowercase letters, numbers, and symbols.

However, creating and remembering a unique passphrase for every online account can quickly become a daunting task for most. To avoid the most hacked passwords and increase online security, we recommend a password manager to generate and store unique, long passwords. A password manager removes the burden of creating a different password for every login. It also stores and fills those passwords when a user returns to the website. A user can create one long passphrase as their master password for their password manager account, while the passwords manager does the rest.

A password manager with security features to monitor and improve your password security improves your overall cybersecurity. At Datum Consulting, we can help you find the password manager that will work for your organization and one that will provide features that will help you avoid the most-hacked passwords and keep cybercriminals from compromising your online security.

Previous Post