Report: majority of passwords can be cracked in a second


Friday, 22 January, 2021

Report: majority of passwords can be cracked in a second

Approximately 73% of the most popular passwords people use can be hacked in less than a second, according to data provided by the NordPass password manager. After analysing the top passwords from 2019, NordPass researchers found that 70% of the passwords could be cracked in less than a second — 3% less than in 2020.

The table below details the top 10 passwords of 2020, along with the time it takes to hack them and the number of times they’ve been exposed in various data breaches.

Table credit: NordPass.

Chad Hammond, a security expert at NordPass, noted that millions of people still use generic and weak passwords and don’t hear the message that a strong password is one of the most important measures for those who want to be secure online.

The most common way hackers ‘crack’ passwords is through the so-called ‘brute-force’ attack. It’s an automated, common and effective method to hack people’s passwords. When brute-forcing your password, hackers check if your password is among the most popular. They will also check all the known information you might use for your password, such as your name, address, favourite band, sports team or pet’s name. Hackers might also use a program that will tweak this information by adding more data, such as numbers or special symbols.

Hackers can also translate words into Leetspeak (where ‘password’ becomes ‘p422W0Rd’) or scan ‘rainbow tables’. These are vast sets of tables filled with hash values pre-matched to possible plaintext passwords. Hackers can also check if your other accounts have been breached and whether you’ve reused the same password for another account.

“That’s why it’s so important to use unique passwords for all accounts. Unfortunately, according to our survey, 63% of people reuse their passwords,” said Hammond.

Hammond recommends using strong passwords that are lengthy and contain letters, numbers and special characters. In addition, the passwords must be unique for every account. Using multifactor authentication is also encouraged, to further enhance protection.

Top image credit: ©stock.adobe.com/au/jamdesign

Related News

Aussie workers wilfully gamble with enterprise security: report

Nearly three in four Australian employees admit to engaging in actions such as reusing or sharing...

Aussie IT leaders unsure how to respond to data breaches

A report from KnowBe4 found that 71% of Australian IT decision-makers are unsure what steps they...

China-linked attackers exploiting trusted relationships

A new report from CrowdStrike finds that China-nexus adversaries are increasingly exploiting...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd