Report: majority of passwords can be cracked in a second
Approximately 73% of the most popular passwords people use can be hacked in less than a second, according to data provided by the NordPass password manager. After analysing the top passwords from 2019, NordPass researchers found that 70% of the passwords could be cracked in less than a second — 3% less than in 2020.
The table below details the top 10 passwords of 2020, along with the time it takes to hack them and the number of times they’ve been exposed in various data breaches.
Chad Hammond, a security expert at NordPass, noted that millions of people still use generic and weak passwords and don’t hear the message that a strong password is one of the most important measures for those who want to be secure online.
The most common way hackers ‘crack’ passwords is through the so-called ‘brute-force’ attack. It’s an automated, common and effective method to hack people’s passwords. When brute-forcing your password, hackers check if your password is among the most popular. They will also check all the known information you might use for your password, such as your name, address, favourite band, sports team or pet’s name. Hackers might also use a program that will tweak this information by adding more data, such as numbers or special symbols.
Hackers can also translate words into Leetspeak (where ‘password’ becomes ‘p422W0Rd’) or scan ‘rainbow tables’. These are vast sets of tables filled with hash values pre-matched to possible plaintext passwords. Hackers can also check if your other accounts have been breached and whether you’ve reused the same password for another account.
“That’s why it’s so important to use unique passwords for all accounts. Unfortunately, according to our survey, 63% of people reuse their passwords,” said Hammond.
Hammond recommends using strong passwords that are lengthy and contain letters, numbers and special characters. In addition, the passwords must be unique for every account. Using multifactor authentication is also encouraged, to further enhance protection.
The ACSC's Annual Cyber Threat Report found that cyber threats reported to the agency grew...
Two-thirds of IT security professionals in Australia reported an increase in both their...
Automated bots now account for nearly two-thirds of internet traffic, and are used for a variety...