What are the world’s most-hacked passwords?
National Cyber Security Centre research reveals the most commonly breached passwords
Brits have been urged to better protect themselves online after a survey revealed the most commonly breached passwords across the world.
Ministers called on internet users to avoid passwords such as ‘123456’, after analysis released by the National Cyber Security Centre (NCSC) found it to be the most breached worldwide, on 23.2 million occasions.
The survey of the 100,000 most commonly re-occurring passwords also included ‘qwerty’ and ‘password’, which were illicitly accessed by third parties 3.8 million and 3.6 million times respectively.
It also revealed ‘ashley’ to be the most commonly used name in breaches, with 432,276 examples, followed by ‘michael’ and ‘daniel’.
Elsewhere ‘liverpool’ topped the examples of English Premier League football teams used to access accounts, with 280,723 examples, followed by ‘chelsea’ on 216,677 and ‘arsenal’ on 179,095.
‘Blink182’ topped the list of passwords based on musicians which were breached, followed by ‘50cent’ and ‘eminem’.
- ICO ‘making enquiries’ after MPs admit sharing passwords with staff
- Don’t Gamble with your password resets!
- Scottish Parliament repels 'brute-force cyberattack' as MSPs urged to toughen up passwords
The data, which was collected and published on website ‘Have I Been Pwned’ by international web security expert Troy Hunt, was released alongside a poll carried out on behalf of the NCSC and the Department for Digital, Media and Sport (DCMS).
It found 42% of Brits expect to lose money to online fraud.
The survey also revealed just 15% of the UK public say they know a 'great deal' about how to protect themselves from harmful activity, despite 89% using the internet to make online purchases.
Meanwhile almost half (46%) agree that most information about how to keep secure online is confusing, while 18% agree strongly.
And less than half of those surveyed do not always use a strong, separate password for their main email account.
Speaking ahead of a major cybersecurity conference in Glasgow this week, Cabinet Office minister David Lidington said the findings underline the “importance of using strong passwords at home and at work”, amid a “growing global threat from cyberattacks”.
"This is a message we look forward to building on at CYBERUK 2019, an event that reaffirms our commitment to make Britain both the safest place in the world to be online and the best place to run a digital business.
Digital and creative industries minister Margot James said: "Cybersecurity is a serious issue, but there are some simple actions everyone can take to better protect against hackers.
“We shouldn't make their lives easy so choosing a strong and separate password for your email account is a great practical step.
“Cyber breaches can cause huge financial and emotional heartache through theft or loss of data which we should all endeavour to prevent."
NCSC’s technical director Dr Ian Levy added: "Password re-use is a major risk that can be avoided - nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”
Health secretary calls on public to embrace technology
Report commissioned after New Year Honours blunder cites need for greater senior accountability and finds widespread use of free consumer tools
Various other countries are using voluntary or mandatory tracking to follow spread of pandemic, as PM says tech will ‘help us see the disease as it is transmitted’
The Joint Committee on Human Rights has drafted a bill designed to ensure users’ data is not misused
HPE shows why organisations are increasingly seeking to understand and consider the environmental impacts of their IT purchasing decisions
HPE makes the case for hybrid cloud services to transform and enhance relationships with citizens...
CyberArk's John Hurst looks at the true cost of GDPR breaches