Remembering different passwords for a range of online accounts can be a serious irritation. It’s probably the biggest reason so many of us opt to use one code across multiple platforms as it makes things much easier to remember. Another trap that’s easy to fall into is having a password that’s far too simple for hackers to guess. Despite endless warnings, codes such as “password”, “12345” and “qwerty” remain hugely popular as they are almost impossible for users to forget.
If you haven’t switched things up in a while or have a password that’s not secure enough it could be time to make some urgent changes.
According to the security team at Kaspersky, there were more than 32 million attempts to attack users with password stealers in 2023 and that number continues to grow.
The latest research has also revealed many codes can be hacked in around one minute because they are just too simple. In fact, the new results indicate that 45 percent of analysed passwords could be guessed by scammers within a 60 seconds.
Kaspersky says that the majority of passwords it examined contained a word from the dictionary, which experts agree significantly reduces a password’s strength.
Names are also very popular along with simple number combinations.
Here are some of the most crackable codes – if yours is on this list it could be time to change it.
Names: “ahmed”, “nguyen”, “kumar”, “kevin”, “daniel”
Popular words: “forever”, “love”, “google”, “hacker”, “gamer”.
Standard passwords: “password”, “qwerty12345”, “admin”, “12345”, “team”
“Unconsciously, human beings create “human” passwords – containing the words from dictionary in their native languages, featuring names, numbers, Etc, things that are easy for our busy brains to recall easily,” The Kaspersky team said.
“Even seemingly strong combinations are rarely completely random, so they can be guessed by algorithms. Given that, the most dependable solution is to generate a completely random password using modern and reliable password managers.”
There are some pretty simple changes you can make to improve the security of your account. Adding capital letters, numbers and symbols all make passwords harder to guess. For example, if your password is currently yellowdog you could change it to Yell@wD0g! – that instantly creates more issues for crooks.
To help users further, Kaspersky has also issued some added advice to improve password security.
• It’s best not to use passwords that can be easily guessed from your personal information, such as birthdays, names of family members, pets, or your own name. These are often the first guesses an attacker will make.
• Enable two-factor authentication (2FA). While not directly related to password strength, enabling 2FA adds an extra layer of security. Even if someone discovers your password, they would still need a second form of verification to access your account. Modern password managers store 2FA keys and secure them with the latest encryption algorithms.
• It’s nearly impossible to memorise long and unique passwords for all the services you use, but with a password manager you can memorise just one master password.
• Use a different password for each service. That way, even if one of your accounts gets stolen, the rest won’t go with it.