Clicky

23M people with the password ‘123456’ have been hacked

One of the worst passwords you can use is 123456 - and 23 million people have been hacked for using it.

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Ahead of Glasgow’s 2019 CYBERUK conference happening this week, the UK National Cyber Security Center has conducted a breach analysis aimed at checking its citizens’ ability to keep their data secure with strong passwords. The results show that the most commonly used passwords are also stupidly weak.

The data, obtained from the web “Have I Been Pwned”, shows that more than 23 million people who were hacked were using “1233456” as a password, followed by 7.7 million using “123456789” and 3.8 million using “qwerty”. The list continues with “password”, “1111111” and other ridiculously simple passwords.

Consider yourself a crypto-genius, if you are using ‘Bank2019’ for your online banking.

The NCSC has also conducted the first UK Cyber Survey, which brought to light other interesting details about people’s perception of internet security:

• Only 15% say they know a great deal about how to protect themselves from harmful activity
• The most regular concern is money being stolen – with 42% feeling is likely to happen by 2021
• 89% use the internet to make online purchases – with 39% on a weekly basis
• One in three rely to some extent on friends and family for help on cybersecurity
• Young people more likely to be privacy conscious and careful of what details they share online
• 61% of internet users check social media daily, but 21% report they never look at social media
• 70% always use PINs and passwords for smartphones and tablets
• Less than half do not always use a strong, separate password for their main email account

As reported by NCSC technical director Dr. Ian Levy, “We understand that cybersecurity can feel daunting to a lot of people, but the NCSC has published lots of easily applicable advice to make you much less vulnerable,”

Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favorite band.

Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password. -Dr. Ian Levy

“Given the growing global threat from cyber attacks, these findings underline the importance of using strong passwords at home and at work,” said David Lidington, Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office.

“This is a message we look forward to building on at CYBERUK 2019, an event that reaffirms our commitment to make Britain both the safest place in the world to be online and the best place to run a digital business.”

In addition to an ever-growing number of internet users, there is an ever growing number of websites that require logging in using a password. This could be also one of the reasons why users often opt for easier passwords or for repeating the same one over and over, especially on those websites perceived as non-dangerous. And with the recent revelations on the biggest browsers, can we really trust them when they ask us if they should save a password for a specific website?

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Read more

Share this post

Reclaim The Net Logo

Join the pushback against online censorship, cancel culture, and surveillance.

Already a member? Login.