Facepalm: It’s 2022, a digital age where much of the world works from home, so one would imagine that comically bad passwords have been consigned to the history books. Sadly, that’s not the case, as yet another study has shown that people keep getting hacked due to their poor choice of credentials.
Card payments company Dojo analyzed data from the UK’s National Cyber Security Centre (NCSC) on 100,000 passwords to come up with a list of the most commonly-used categories people look to when picking a password. Victims tend to use variations of the same password, often with a few other easily guessable characters, e.g. Love123456.
The most popular category was terms of endearment, found in 4,032 of the most commonly hacked passwords. So even if you are someone’s Love (1,492 hacks), Baby (417), or Angel (330), maybe don’t incorporate that term into your passsword.
Next up are names. While using your own name might be an easy way to remember a password, it’s certainly not a good idea, hence the 3,913 hacks found in this category. Sam was the most popular/worst offender (313 hacks).
Click to expand
Next is animals, which covers Dog (354) and Cat (265) rather than actual pet names. Further down the list, we see the usual suspects: emotions, food, colors, family members, and brands (Apple, LinkedIn, and Google are named). It’s refreshing to see that swear words are pretty popular, taking seventh spot in the table.
Social media platforms are at 19th, though anyone who uses “Facebook” as their Facebook password deserves to be hacked. They’re followed by star signs in twentieth place.
The report also looked at the most commonly hacked passwords with the most users. As we’ve seen countless times before, 123456 remains number one, with an incredible 23.2 million users. That’s followed by 123456789 (7.7 million users), Qwerty (3.8 million), Password (3.6 million), and 1111111 (3.1 million).
One of the best ways to avoid password-based hacks is to use a dedicated password manager, where all you have to remember is the master password—just don’t use 123465. Some of our favorites can be found in this Essential Apps feature.