Despite the rise of cyber attacks involving things like phishing, denial of service, and malware, people often still create passwords that are easy to crack (simple numerical sequences, for instance, or personal information that might be publicly accessible, such as birthdays or street numbers) and use the same log-ins across all of their accounts. Doing this means that once hackers find their way in, they wind up with keys to your entire online kingdom.
One possible explanation for using simple passwords is the heavy reliance people have on numerous web services. It can be difficult to keep track of a long list of complex and secure alphanumeric passwords, so people fall back on memory hacks, using sequences that are easy to remember. (We take our electronic devices so much for granted today that we might be surprised to learn the cost of a computer every year since 1970.)
To determine the most common passwords in America as of this year and the time it takes password cracking software to reveal them, 24/7 Tempo reviewed data from a report on the top 200 most common passwords published by NordPass, a password management division of the digital security and privacy firm Nord Security. NordPass compiled the list in partnership with what it describes as “independent researchers specializing in research of cybersecurity incidents,” who evaluated a 4TB database, classifying data into various verticals in order to perform statistical analyses.
The time it would take to crack the passwords comes from zxcvbn, an online password strength estimator. NordPass used a program assuming multiple attackers, proper user-unique salting, a slow hash function, and a moderate work factor, and notes that different approaches might yield different crack times. So, they add, might the use of different computer technologies.
The results of the study might make you think twice about using obvious passwords unless you want your accounts to be accessed by cybercriminals hunting for access to a system or for data they can leverage to commit identity theft and financial fraud — or even hijack your car. (This is the car with the best technology.)