Technology has made lives easier for society, but our over-reliance on passwords proves to be one of the challenges. As the number of devices and accounts grow, there has been a surge in the people using the same passwords for multiple accounts leading to account compromise. A recent survey was conducted by SplashData for its Annual Worst Password List 2019; and on the top rank for worst passwords, we again have ‘123456’ as the primarily used password, and ‘123456789’ still holds the second place. What makes these passwords worst, in terms of security, is that they can be guessed easily, making the accounts vulnerable. In the third place, we have QWERTY; and fourth place, we have the word ‘password’ as a password!
Many of the businesses to deal with the menace of passwords have created a two-factor authentication, wherein the users will have a password authentication security layer, and then the other layer will have an OTP or biometric authentication. The other top entrants to the list were ‘12345678,’ ‘12345,’ ‘iloveyou,’ ‘111111,’ and ‘123123,’ an apparent sign that people can’t resist creating weak passwords using simple number keys on their keyboards. There have been new entries to the list—1q2w3e4r and qwertyuiop—wherein the users are using continuous keys on keyboards to create their passwords.
Many of the programs implemented by websites even prevent users from creating simple passwords. However still, there are a number of older devices and websites that let people create weak passwords that can be easily hacked. Many of the tech users today feel that designing a password that is complex and secure but even easy to remember seems to be a more significant exercise. And it’s just an overburden of tasks that users need to remember different passwords for different websites.
Currently, about 10% of the people have used at least one of the 25 passwords on this year’s list, according to the SplashData. The worst password ‘123456’ is currently being used by almost 3% of the users. North America and Western Europe are some of the top regions where the passwords get leaked, and in 2019 there were 5 million of them that were leaked.