Millions of people are using easy-to-guess passwords on sensitive accounts, with “123456” being the most widely-used on breached accounts, suggests a security study. Also Read - WhatsApp: How to set up two-step verification for more security
The study by the UK’s National Cyber Security Centre (NCSC) helped to uncover the gaps in cyber-knowledge that could leave people in danger of being exploited, the BBC reported on Sunday. Also Read - Here's how to ensure that your Google Accounts are secure
For its first cyber-survey, the NCSC analysed public databases of breached accounts to see which words, phrases and strings people used. Also Read - World Password Day: How to set a strong password and keep your privacy intact
Top of the list was “123456”, appearing in more than 23 million passwords. The second-most popular string, “123456789”, was not much harder to crack, while others in the top five included “qwerty”, “password” and “1111111”.
The most common name to be used in passwords was “Ashley”, followed by “Michael”, “Daniel”, “Jessica” and “Charlie”.
When it comes to Premier League football teams in passwords, “Liverpool” came first and “Chelsea” second. “Blink-182” topped the charts of music acts.
People who use well-known words or names for a password put themselves people at risk of being hacked, said Ian Levy, technical director of the NCSC.
“Nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band,” he said.
Security expert Troy Hunt, who maintains a database of hacked account data, said picking a good password was the “single biggest control” people had over their online security.
“We typically haven’t done a very good job of that either as individuals or as the organisations asking us to register with them.”