Let’s be honest – how many times have you used something like “123456” or “123123” as your password? With so many online accounts to juggle, it’s tempting to go for simple passwords, even though we know they’re weak. Unfortunately, a report from NordPass shows we’re still making the same mistakes when it comes to keeping our accounts secure.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
2024’s most popular (and Insecure) passwords
NordPass has released its compilation of the top 200 most popular passwords used for personal and business purposes. Collaborating with threat management company NordStellar, NordPass analyzed a massive 2.5TB database of global passwords, including those sourced from the dark web. Spoiler alert: They’re still shockingly insecure.
TIRED OF GETTING THOSE MYSTERIOUS PASSWORD RESET EMAILS? HERE’S WHAT TO DO ABOUT IT.
The password hall of shame
We’re all guilty of using weak passwords at some point, but the extent of this digital negligence is truly staggering. For the sixth consecutive year, “123456” claims the dubious honor of being the most common password used by over 3 million people.
It’s followed closely by its slightly more “complex” cousins: “123456789” and “12345678.” But wait, it gets worse. The password “password” still ranks high on the list, used by nearly 700,000 people. It’s as if we’re collectively daring hackers to break into our accounts.
THIS SNEAKY MALWARE IS AFTER YOUR PASSWORDS AND PERSONAL DATA
Top 10 most common passwords
Here are the top 10 most common passwords of 2024, according to NordPass:
1) 123456
2) 123456789
3) 12345678
4) password
5) qwerty123
6) qwerty1
7) 111111
8) 12345
9) secret
10) 123123
Corporate carelessness
You might think that in professional settings, where sensitive data is at stake, people would be more cautious. Think again. The corporate world mirrors personal password habits alarmingly closely. The same weak passwords dominate business accounts, with “123456” leading the pack, used in over 1.2 million instances.
DATA BROKER BLUNDERS AS MILLIONS ARE EXPOSED WITH PUBLIC PASSWORDS
The consequences of weak passwords
Using such easily guessable passwords is like leaving your front door wide open in a neighborhood full of burglars. These passwords can be cracked in less than a second, potentially leading to account compromise, identity theft, and a host of other digital nightmares.
Strengthening your digital defenses
So, how can we break this cycle of password mediocrity?
1) Go Long: Aim for passwords that are at least 20 characters long.
2) Mix it up: Use a combination of uppercase and lowercase letters, numbers, and special symbols.
3) Unique is key: Never reuse passwords across multiple accounts.
4) Regular reviews: Periodically assess and update your passwords.
5) Consider using a password manager: A password manager will securely store and generate complex passwords. It will also help you to create unique and difficult-to-crack passwords that a hacker could never guess. In addition, it keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself. The fewer passwords you remember, the less likely you will be to reuse them for your accounts.
What qualities should I look for in a password manager?
When it comes to choosing the best password manager for you, here are some of my top tips.
- Deploys secure
- Works seamlessly across all of your devices
- Creates unique complicated passwords that are different for every account
- Automatically populates login and password fields for apps and sites you revisit
- Has a browser extension for all browsers you use to automatically insert passwords for you
- Allows a failsafe in case the primary password is ever lost or forgotten
- Checks that your existing passwords remain safe and alerts you if ever compromised
- Uses two-factor authentication security
One of the best password managers out there is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option, which includes 5 family members for $60/year.
Get more details about my best expert-reviewed Password Managers of 2024 here.
6) Start using passkeys: Passkeys are designed to replace traditional passwords and are steadily gaining traction, particularly among major companies and websites. Far more secure and reliable than conventional passwords, passkeys enable automatic sign-ins to websites and apps using facial recognition, fingerprint authentication, or a physical security key.
Kurt’s key takeaways
It’s clear that we need to step up our password game. Using weak passwords like “123456” is a gamble we can’t afford to take, especially with so much of our lives online. By taking simple steps—like creating longer, more complex passwords and using a password manager—we can better protect ourselves from cyber threats. Let’s make 2025 the year we prioritize our digital security and leave those outdated passwords behind.
What’s the worst password you’ve ever used, and did anything bad happen because of it? Let us know in the comments below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
5 comments