These are the most common passwords stolen on the dark web, don’t use them


Choose of secure passwords and keeping them properly is essential, even if many users still seem to take this aspect too lightly, as evidenced by a new report published by Lookouta company active in the field of mobile security that recently compiled a list of 20 most commonly found passwords in stolen account information available on the dark web.

The fact that cyber security is still too underestimated is demonstrated by the presence in the above list of simple and predictable alphanumeric sequences such as “123456” and “Qwerty” or banal phrases such as “Iloveyou”.

The excuse of too many passwords to remember doesn’t apply

That so many users are tricked into choosing passwords that are easy to remember is understandable, given that, according to the well-known online password manager NordPass, each person has on average more than one hundred different online accounts for the most disparate uses, each requiring a password. If this number seems exaggerated to you, just do a quick reflection to realize how many accounts you use every day to access how many and which online platforms.

However, choosing passwords that are too simple is never a good idea, since it does nothing but simplify the life of any attackers on duty, who could get their hands on accounts and personal data with minimal effort.

Cyber ​​security is more important than ever

A concern of this kind must sound the alarm bell with even greater urgency at this time, as cybersecurity experts agree that the ongoing war between Ukraine and Russia could lead to a significant increase of the cyber attacks around the world. On the other hand, that the conflict is also being fought with cyber weapons is a fact: if Russia was move in advanceand then get to restrict access to Facebook, Twitter and other mediathe answer was not long in coming and came from the hacker collective Anonymous.

Well, in the current climate of tension, even US banks have recently expressed their opinion worry to be targeted by new attacks by Russian matrices.

This new possible wave would only aggravate an already bad situation: according to the report published in January by the non-profit organization Identity Theft Resource Center2021 was a record year for i data breach in the United States, which grew by as much as 68 percent compared to 2020.

Accounts at risk and the most common passwords

Lookout, which produces cloud security apps for mobile devices, has published a post which contains rather alarming numbers: according to what we read, on average on the dark web the stolen emails of the80% of users; this means that one could easily – and without being aware of it – be part of this percentage.

Those leaked emails are often used by hackers on duty to gain access to other online accounts of the same user and to carry out real identity theft. Here is a list of the 20 most commonly found passwords on the dark web thanks to various data breaches:

  1. 1 2 3 4 5 6
  2. 123456789
  3. Qwerty
  4. Password
  5. 1 2 3 4 5
  6. 12345678
  7. 111111
  8. 1234567
  9. 123123
  10. Qwerty123
  11. 1q2w3e
  12. 1234567890
  13. DEFAULT
  14. 0
  15. Abc123
  16. 654321
  17. 123321
  18. Qwertyuiop
  19. Iloveyou
  20. 666666

Apart from the report, a simple reading of the listed options is enough to realize how – like those most used by Italians – they are trivial and anything but a guarantee of safety. In short, if you use any of these alphanumeric combinations for one of your online accounts, the advice is to immediately change it in favor of a really secure password. Cyber ​​security experts often advise choosing passwords longer than the minimum necessary and to use too less common characters as symbols and punctuation marks along with letters and numbers.

Another practice to avoid is to use the same password for multiple accounts, which would represent a sort of master key in the hands of a hacker. Furthermore, when choosing secure passwords, it is advisable to avoid information that can be easily found online (birthdays, anniversaries, names of loved ones and place of birth). Finally, the National Institute of Standards and Technology of the US Commerce Department suggests consulting lists of already compromised passwords to avoid and using multiple authentication factors.

Speaking of security, we’ve recently seen Google’s latest moves, from notes to saved credentials to sharing passwords.

Read also: On the occasion of Safer Internet Day, Google announces important news on security

Leave a Comment