An analysis of password habits worldwide has revealed we are still performing poorly when it comes to strong credential management.
While the idea of using passwords such as QWERTY, 123456, and PASSWORD might seem like a joke these days, they are still commonly found in data dumps of stolen credentials published online.
Major online service providers now often enforce strong passwords with lower-case and capital letters, numbers, and special characters and may also encourage and enforce multi-factor authentication (MFA).
However, businesses may not impose the same standards. In addition, ghost and forgotten accounts, hardcoded credentials, and the re-use of username and password combinations are still common problems today.
On Wednesday, Nordpass published its annual study of password use across 50 countries, the “Most Common Passwords” report, an evaluation of a database containing 4TB of leaked passwords, many of which originated from the US, Canada, Russia, Australia, and Europe.
According to the researchers, the most common passwords in 2021, worldwide, were:
123456 (103,170,552 hits)123456789 (46,027,530 hits)12345 (32,955,431 hits)qwerty (22,317,280 hits)password (20,958,297 hits)12345678 (14,745,771 hits)111111 (13,354,149 hits)123123 (10,244,398 hits)1234567890 (9,646,621 hits)1234567 (9,396,813 hits)
Among the findings, the researchers also found that a “stunning” number of people like to use their own name as a