The National Cyber Security Centre (NCSC) of UK has issued a warning to British citizens to have stronger and unique passwords after releasing a file containing the top 100,000 passwords from the ‘Have I Been Pwned’ data set. According to the data, the password ‘123456’ was found 23 million times in the breaches.
Among the other commonly hacked passwords globally were “12345”, “123456789”, “qwerty”, “1111111” and even the term “password”. But the buck doesn’t stop there. Bands, celebrities, and even favorite clubs appeared more than a thousand times. Among the bands, popular 90s pop-punk outfit, Blink-182 took the cake. Among the common names that were used, Ashley and Michael topped the list which was followed by Daniel, Jessica and Charlie. In the category of favorite clubs, Liverpool came first with 280,723 uses, followed by Chelsea at 216,677 uses, Arsenal at 179,095 uses, manutd with 59,440 uses, and Everton 46,619 uses.
The surprising entries were the phrase “iloveyou”, and words like “monkey” and “dragon” making an appearance. Several users also used pretty colorful swear words as passwords. The report also noted that even complex passwords like “oreocookie” appeared over 3,000 times.
According to the report, among internet users, only 15 percent agreed to know about basic internet security and how to protect themselves. The NCSC also stressed the possible harm that can arise from re-using passwords across multiple accounts. “Password re-use is a major risk that can be avoided — nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favorite band,” Ian Levy, NCSC Technical Director, said in a statement.
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password,” he added.