‘123456’ still most commonly used password. Here’s how long it takes for hackers to crack it

A study by NordPass, a password management software company, exposes the pervasive use of the notoriously weak password “123456,” held by a staggering 45 million accounts that were surveyed.

The second and third most popular passwords, “admin” and “12345678,” were found in approximately 40 million and 13.7 million accounts, respectively. In India, “123456” topped the list, safeguarding around 3.6 million accounts, followed by “admin” in approximately 1.2 million accounts.

The study, conducted in collaboration with independent cybersecurity experts, warns that hackers could crack such passwords in less than a second.

The research team analyzed a massive 6.6 terabyte-database containing stolen passwords, employing various stealer malware such as Redline, Vidar, Taurus, Raccoon, Azorult, and Cryptbot. The malware logs included both passwords and the source websites, with data spanning 35 countries.

The study classified data into verticals, allowing for a statistical analysis based on countries, assuring users that no personal data was acquired or purchased by NordPass. The study revealed a concerning trend among streaming enthusiasts, who demonstrated a propensity for weak passwords compared to users on other popular websites.

NordPass deemed “123456” as the “world’s worst password,” ranking as the most common password four out of five times throughout the study’s lifetime. The researchers emphasized that despite advancements in technology making passwords harder to breach, malware attacks remain a significant threat to account security.

In response to these findings, NordPass urged users to adopt complex passwords of at least 20 characters, incorporating a mix of uppercase and lowercase letters, numbers, and special symbols. The company also advocated against password reuse across multiple platforms, emphasizing the potential risk to all associated accounts if one is compromised.

The study concluded by encouraging users to conduct regular assessments of their passwords for security and recommended the use of password managers like NordPass for a safer online experience.

(With input from agencies)