What are the world’s most-hacked passwords?
National Cyber Security Centre research reveals the most commonly breached passwords
Brits have been urged to better protect themselves online after a survey revealed the most commonly breached passwords across the world.
Ministers called on internet users to avoid passwords such as ‘123456’, after analysis released by the National Cyber Security Centre (NCSC) found it to be the most breached worldwide, on 23.2 million occasions.
The survey of the 100,000 most commonly re-occurring passwords also included ‘qwerty’ and ‘password’, which were illicitly accessed by third parties 3.8 million and 3.6 million times respectively.
It also revealed ‘ashley’ to be the most commonly used name in breaches, with 432,276 examples, followed by ‘michael’ and ‘daniel’.
Elsewhere ‘liverpool’ topped the examples of English Premier League football teams used to access accounts, with 280,723 examples, followed by ‘chelsea’ on 216,677 and ‘arsenal’ on 179,095.
‘Blink182’ topped the list of passwords based on musicians which were breached, followed by ‘50cent’ and ‘eminem’.
- ICO ‘making enquiries’ after MPs admit sharing passwords with staff
- Don’t Gamble with your password resets!
- Scottish Parliament repels 'brute-force cyberattack' as MSPs urged to toughen up passwords
The data, which was collected and published on website ‘Have I Been Pwned’ by international web security expert Troy Hunt, was released alongside a poll carried out on behalf of the NCSC and the Department for Digital, Media and Sport (DCMS).
It found 42% of Brits expect to lose money to online fraud.
The survey also revealed just 15% of the UK public say they know a 'great deal' about how to protect themselves from harmful activity, despite 89% using the internet to make online purchases.
Meanwhile almost half (46%) agree that most information about how to keep secure online is confusing, while 18% agree strongly.
And less than half of those surveyed do not always use a strong, separate password for their main email account.
Speaking ahead of a major cybersecurity conference in Glasgow this week, Cabinet Office minister David Lidington said the findings underline the “importance of using strong passwords at home and at work”, amid a “growing global threat from cyberattacks”.
"This is a message we look forward to building on at CYBERUK 2019, an event that reaffirms our commitment to make Britain both the safest place in the world to be online and the best place to run a digital business.
Digital and creative industries minister Margot James said: "Cybersecurity is a serious issue, but there are some simple actions everyone can take to better protect against hackers.
“We shouldn't make their lives easy so choosing a strong and separate password for your email account is a great practical step.
“Cyber breaches can cause huge financial and emotional heartache through theft or loss of data which we should all endeavour to prevent."
NCSC’s technical director Dr Ian Levy added: "Password re-use is a major risk that can be avoided - nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”
Consultation launched seeking feedback on risks and mitigations for systems that now underpin a wide range of ‘essential services’
Former cabinet secretary Mark Sedwill has landed a non-executive role at BAE Systems
New measures prohibit supply of any tech used for ‘internal repression’
Government-backed hub aims to create jobs and improve resilience