Most hacked passwords revealed in warning over cybersecurity

Easily guessed passwords being used across multiple accounts have been highlighted as a major gap in the online security practices of UK internet users.

A survey by the National Cyber Security (NCSC) found that many British internet users did not know the best ways to protect themselves from cybercrime.

Only 15% said they knew “a great deal” about how to protect themselves from harmful activity online, while less than half said they always used a strong, separate password for their main email account.

The findings were released ahead of the NCSC’s CyberUK 2019 conference in Glasgow, which will be used to inform Government policy and the guidance it offers to business and the public.

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 1111111

The research also included lists of the most commonly used passwords globally, highlighting the number of easily guessed log-ins still being widely used.

123456 was the most used, ahead of 123456789 and qwerty – the series of letters which appear in a line on a computer keyboard – the word password and 1111111.

NCSC technical director Dr Ian Levy said: “We understand that cybersecurity can feel daunting to a lot of people, but the National Cyber Security Centre has published lots of easily applicable advice to make you much less vulnerable.

“Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.

“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”

Ashley was revealed to be the most common name used in a password, followed by Michael, Daniel, Jessica and Charlie.

Liverpool was the most common Premier League Football team used in a password, with Blink 182 the most common music act.

Security researcher Troy Hunt, whose website Have I Been Pwned allows users to check if any of their accounts have been compromised in cyber attacks by collecting data from those breaches – and helped compile the list, said internet users needed to be more creative in their approach to passwords.

- Press Association

More on this topic

Mother and babies ‘doing fine’ after sextuplets born in Poland

COMMENT: Sour taste from Kerry Co-op share redemption plan

Lipsum text for embeds test

Top sportspeople calling for greater promotion of women’s sport

More in this Section

Here is how the internet is dealing with Game of Thrones ending

Grateful parents reunited with newborn after leaving baby in taxi

Game Of Thrones fans heartbroken as show ends with dramatic final episode

Watch as a baby giraffe at Chester Zoo takes her first steps outside


Lifestyle

The scandal that should force us to reconsider wellness advice from influencers

Parental guidance: Danger of overusing asthma inhalers

Michelle Keegan takes her girl squad to Ibiza to showcase her latest fashion collection

Everything you need to know about Rihanna’s brand new luxury fashion house

More From The Irish Examiner