What are the world’s most commonly hacked passwords?

Is it an individual’s name, favorite football team, or perhaps one’s favorite band? UK’s National Cyber Security Centre has decided to shine some light on the matter and released a list featuring the 100,000 most commonly-seen passwords in data breaches of various sorts.

Thousands of internet users make the mistake of picking passwords that are easy to remember, thus inviting trouble their way. The institution came to their conclusions by analyzing passwords that have been leaked as a result of breaches.

‘123456’ was found to be the most commonly-hacked password by far (23.2 million users). ‘123456789’ came second (7.7 million users). ‘qwerty’ claimed the third place (3.8 million users), followed by ‘password’ (3.6 million users), and ‘111111’ (3.1 million users).

Simplicity seems to be the prevailing trend as we go down the top 20 list, with examples such as ‘I love you’, ‘dragon’, and ‘monkey’ claiming the rest of the spots.

Names are another recurring theme. To list an example, ‘Ashley’ and ‘Michael’ is used in over 400,000 instances. Band names are commonly seen as well, with 285,705 having set ‘blink182’ as their password. Much in the same vein, 280,723 sports fans have chosen ‘Liverpool’ as their password.

Another problematic aspect of not being aware of basic cybersecurity principles is the fact that people are re-using the same passwords across multiple accounts. In other words, if one account gets compromised, all a hacker has to do to compromise the rest of the accounts on other websites that belong to the same person is, well, copying and pasting it.