Coming up with a good password is difficult. Ideally, it is memorable and unique. Unfortunately, we are the product of our biases and culture, so sometimes a password that appears unique to us is shared by hundreds of thousands of other people.
The British National Cyber Security Centre (NCSC) has released the 100,000 most common passwords as collected by the website “Have I been pwned?” and it’s an exhortation to consider changing passwords that might appear in the list.
The top password remains “123456”, which is used in 23.2 million accounts. The silver medal goes to “123456789” with 7.7 million. These two are followed by “qwerty”, “password”, and “1111111”, which are all between 3 and 4 million users. One of my favorites on the list is “trustno1”, which truly shows we are much better at giving advice than we are following it. More than 200,000 people use the word “secret”, which is hilarious in itself.
The agency has also highlighted some common groups such as musicians (blink182, 50cents, eminem), fictional characters (superman, naruto, tigger), and names (ashley, michael, daniel).
“We understand that cyber security can feel daunting to a lot of people, but the NCSC has published lots of easily applicable advice to make you much less vulnerable,” Dr Ian Levy, NCSC technical director, said in a statement.
“Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.
"Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”
The NCSC has also released the results of a survey they conducted about safety online. Of the people interviewed, 30 percent stated that they did not care very much or at all about staying safe online. Around 46 percent thought the information on staying safe online is confusing. Just over half of the people in the survey think a lot about how to avoid getting their money stolen or their privacy compromised.
Coming up with good passwords or using different passwords for different accounts is the easiest way for individuals to improve their online security.