Businessman on blurred background using digital padlock to secure his datas 3D rendering
Share on facebook
Share on twitter
Share on pinterest
Share on linkedin

If "123456" looks way, way too familiar, you may be heading for trouble

By Richard Arneson

In a recent study by the UK’s National Cyber Security Centre (NCSC), they found that 123456 is the most used password on accounts that have been breached. They analyzed public databases of breached accounts to discover what words, phrases or number combinations were most used. From their research, they discovered that there’s a wider gap in cyber knowledge than they had anticipated.

The rest of the lazily-set passwords

While 123456 took the top spot with over 23 million uses, the second most popular string was only slightly less demanding to crack—123456789. Others making the top five (5) included 1111111 and qwerty.

The most commonly used name was, oddly enough, Ashley. Michael, Daniel, Charlie (gulp) and Jessica closely followed. And, while they don’t state that the databases analyzed were primarily from UK accounts, it can probably be assumed considering English Premier soccer (ah, I mean football) teams were password-inspiring Liverpool and Chelsea. Defending champion Manchester City didn’t fare well—or maybe they did, depending how you look at it.

It was an American rock band that topped this less-than-desirable chart—Blink-182. It’s assumed they were big hitters due to passwords that required a combination of letters, numbers and at least one (1) symbol. The B-52s were a couple decades too late.

The takeaway seems pretty intuitive—don’t use easily guessed words or numbers. And if you’re dead-set on using something you’ll remember, at least string together several words. Liverpoolcharlie123456, while not great, maybe, is a start.

Security habits

The NCSC’s study also delved into the psychology of users’ fears and habits. In an odd twist, almost fifty percent (50%) of respondents stated that they expected to lose money to online fraud at some point, and only fifteen percent (15%) were confident they could keep themselves safe online. It begs the question: Why, if they’re sure they’re going to lose money and they have no confidence in their security, don’t they use better passwords?

Security expert Troy Hunt, who maintains a comprehensive database of hacked accounts, said picking a good password was the single greatest control users have against attacks.

With the volume of excellent password management tools available, users have a spate of options to address this issue. It’s not a security panacea, but will greatly help keep your choice of passwords from being analyzed off a hacked account database.

Contact these pro’s if you’re looking for answers to your organization’s network security questions

To find out how to shore up your organization’s security posture, contact GDT’s tenured and talented engineers and security analysts at From their Security and Network Operations Centers, they manage, monitor and protect the networks of organizations of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, read about it here:

Oh, no, not the CAPTCHA screen

If you’re storing data down under, you’re likely re-thinking that decision, says Microsoft president

What’s left when a supply-chain reliant corporation gets hacked? Paperwork

Introducing your cyber threat starting lineup

Death and Taxes—and you can add this to the mix

If you doubled down on Russia, your bet’s safe

What happens in an ATM, doesn’t always stay in an ATM

Google launches itself into cybersecurity space

Getting Stuffed at Dunkin’ Donuts?

Security Myths Debunked

State of the Union address focuses on technology–briefly

The technology arms race was just amped up

Apparently, cyber attackers also consider imitation to be the sincerest form of flattery

Last week’s DHS “alert” upgraded to “an emergency directive”

The Collection #1 data breach—sit down first; the numbers are pretty scary

Shutdown affects more than workers

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware


Subscribe to our Newsletter

WordPress Image Lightbox