The Worst Passwords of 2022... What Can We Learn?

Those who follow our blog know this is something we enjoy (and cringe at) doing each year. The true strength of passwords has always been overestimated. Unfortunately, passwords are becoming an increasingly significant point of weakness for personal and business security, and it's no surprise considering the most popular (and worst) password of 2022 is... *sigh*... "password".

Looking back at 2021, the top 10 worst passwords included “12345”, “qwerty” & “password” to name a few. Of last year's top 10, 8 have managed to keep their positions, with two new additions, "guest" at 4th, and "Col123456" at 9th. The list of worst passwords was compiled in partnership with independent researchers specializing in research of cybersecurity incidents; they evaluated a 3TB database.

Some of the trends they picked up on: the most common name used in bad passwords is "daniel"; people's choice of car-related passwords has become more grounded, with Mini and Kia taking the top spots away from Ferrari and Porsche; and people must really enjoy eating "fish", as it's now the most common food-related password.

Unfortunately, it seems many of us have kept our lazy password habits: yet again, easy-to-guess combinations of numbers and keyboard patterns have taken up 7 of the top 10 spots, with 5 of them starting with "123". What's even more worrying is that the first 49 passwords on the list would all take less than 10 seconds to be cracked!

We've highlighted the top 10, but please feel free to browse (and judge) the full list HERE

  1. password
  2. 123456
  3. 123456789
  4. guest
  5. qwerty
  6. 123456789
  7. 111111
  8. 12344
  9. col123456
  10. 123123

People use these simplistic passwords out of convenience, often for accounts they don't care about, like one-off shopping site sign-ups. The problem is that even though they don't care about that single account, a hacker who gains access can use it to uncover any other information put on the account, like emails, names, phone numbers, and even payment details.

Easy Ways to Increase Password Hygiene

A study by DataProt found that 51% of people have admitted to using the same password for multiple accounts. It's not unlikely that one of your passwords has looked similar to or appeared on this list. If it has, it's most definitely time to level up your password hygiene, and here is how.

Don't Reuse passwords

51% of people have admitted to reusing passwords for multiple accounts

We understand, these days it feels like everything needs a password. We have passwords for our desktops, email, social media, shopping and almost any other website you've needed to make a booking or order through. Having to create this many accounts can make you understand why people re-use passwords or use ones that are easy to remember. 

People often forget when creating 'unimportant' accounts that if a cyber-criminal gains access to even one of their accounts, the criminal would subsequently gain access to any of their other accounts that use the same password.

Keep it Complex and Keep it Long

Of course, the top 10 most common passwords are so blatantly bad that it's almost comical, but throughout the full list of the 200 worst passwords, many are passwords people genuinely would have thought to be strong. The vast majority of the passwords on this list can be cracked in less than a second!

People often forget when creating unimportant accounts that if a cyber-criminal gains access to even one of your accounts, they would subsequently gain access to any of your other accounts that use the same password. A complex password is one that contains at least 12 characters and a variety of upper- and lowercase letters, numbers, and symbols.
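The complexity rule above and the patterns seen in the top 10 can be combined into one check. This is an added example, not code from the original post: the function names, the keyboard rows, and the run length of 4 are assumptions chosen for illustration.

```python
import re

# The top-10 entries listed on this page, lower-cased for comparison.
TOP_10 = {"password", "123456", "123456789", "guest", "qwerty",
          "111111", "12344", "col123456", "123123"}

# Constructed keyboard rows used to spot keyboard-walk patterns (assumption).
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")

MIN_LENGTH = 12  # the page's minimum length for a complex password


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys from one row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def audit_password(pw):
    """Return the reasons a password fails; an empty list means it passes."""
    problems = []
    if pw.lower() in TOP_10:
        problems.append("on the top-10 list")
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    if not re.search(r"[a-z]", pw):
        problems.append("no lowercase letter")
    if not re.search(r"[A-Z]", pw):
        problems.append("no uppercase letter")
    if not re.search(r"\d", pw):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no symbol")
    if has_keyboard_run(pw):
        problems.append("keyboard pattern")
    if re.search(r"(.)\1{3,}", pw):  # same character four or more times in a row
        problems.append("repeated character")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for demonstration only.
    for sample in ("password", "Col123456", "Qwerty!2345678", "Teal!Harbor7-Mossy42"):
        print(f"{sample!r}: {audit_password(sample) or 'passes'}")
```

Note that "Qwerty!2345678" satisfies the length and character-variety rule yet is still flagged, which is why the pattern checks are kept separate from the complexity rule.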

Take the Time to Maintain and Delete Old Accounts

95% of data breaches are caused by human error (this includes weak passwords)

Regularly check which accounts you’re still using and which you no longer access. Unused accounts can put your security online at risk because you may not notice when they get breached. What's more, even if you use a 'spam' password for accounts you don't care about, if you forget to remove any of your information from that account, the hacker will gain access to it. This can be anything from phone numbers, names and addresses to payment information.

A common misconception is that most information outside of payment details is of little use to hackers, but this is false. Hackers also make a profit from your personal information. Many of these hacking groups build profiles on people using their real information, which they can then sell to someone who can impersonate you. That person can then take out loans, open bank accounts and purchase malicious items, all in your name using your personal information.

Stay Vigilant Against Phishing Attacks

If you allowed yourself to fall victim to a phishing attack, a password cracker could be installed onto your device, which will then try thousands of different passwords every second, working from most common to least common. If your password is not unique or contains common words/names, it will most likely take cyber-criminals less than a few seconds to get into your account.

If you're worried you might accidentally fall victim to a phishing attack, view these quick and easy ways you can avoid phishing here.

Make Password Management Easy

Secure, create and manage passwords easily with Bitwarden!

Bitwarden is an open-source password manager that enables companies to protect multiple accounts with robust passwords using end-to-end encryption, without the hassle of needing to remember them.

Bitwarden offers everything from a general password manager and generator to secure file and account sharing. Bitwarden is a complete security game-changer. Having a password manager is imperative these days, and if you are going to pick one, Bitwarden has everything you need and more to keep your data secure.

Feel Bitwarden would help keep your business secure, or just want to learn a bit more? Click here to view our Bitwarden blog for a deeper insight.

Conclusion

We understand, it feels like everything needs a password in this age. Shopping, email, workstations, and social media are only a few of the many accounts you'll have to make, and coming up with a unique password you'll remember for each one can be difficult. This is most likely why patterns on a keyboard are some of the most common passwords, as they are extremely easy to remember but even easier to crack! 

If you've noticed any of your passwords are either on this list or seem similar, 2022 is the year you take the appropriate steps to better your password security: for instance, using different, complex passwords for each of your accounts and making use of a password manager, as well as turning on two-factor authentication. Taking these steps will reduce the risk of a hacker breaching your accounts and data.

Do you want to reduce your business exposure but don't know where to start? We're here to help, with over 15 years of experience working with small and large companies, putting the right security solutions in place for them, we could be the trusted MSP your business needs. To find out more, please feel free to contact us on 0330 002 0045 or email enquiries@entrustit.co.uk, to be put in contact with one of our experienced consultants.
