Passwords to avoid at all costs: Aussies warned of most dangerous for 2023 that can be cracked in seconds
The world’s most popular password remains the deeply insecure numerical phrase of ‘123456’. More than 4.5 million people use the very easily guessed number chain, according to analysis of leaked passwords by global password manager NordPass.
It was the second-most-common password for Australians (tut tut) in the review of 10.9TB of publicly available databases, including those on the darkweb guessed by cybercriminals who can be seeking to infiltrate your online identity and often your finances.
Head of product growth at NordPass Gediminas Brencius told Yahoo Finance Australians who might think they are making their passwords more secure by simply whacking on some extra digits are making a serious mistake.
Do you have a story to tell? Contact email@example.com
“Special characters don’t provide value when a sequence of them is added at the end of a password like “Password123” or when letters are replaced with symbols like “P@ssw0rd”, as automatic password cracking can include such changes and add simple number sequences at the end,” he said.
“Numbers and special characters strengthen the passwords only when they are added randomly.”
Aussies appear to have bucked the numerical-sequence trend (which accounts for almost a third of the world’s most popular passwords). Instead the word ‘banned’ topped our list.
If you have any of the following passwords you should change them immediately.
Australia’s 20 most dangerous passwords for hackers
1. Banned – 2 minutes to crack
2. 123456 – less than a second to crack
3. Admin – less than a second to crack
4. password – less than a second to crack
5. 1234 – less than a second to crack
6. qwerty123 – less than a second to crack
7. 12qwasZX – less than a second to crack
8. 12345 – less than a second to crack
9. 12345678 – less than a second to crack
10. qwerty – less than a second to crack
11. Qwerty123 – less than a second to crack
12. 123456789 – less than a second to crack
13. Starwars29 – 3 seconds to crack
14. welcome11 – 2 seconds to crack
15. ******** – less than a second to crack
16. Deadman01 – one minute to crack
17. Password1 – less than a second to crack
18. 111111 – less than a second to crack
19. Password – less than a second to crack
20. Abc123 – less than a second to crack
Brencius said to have the most secure password you should use a random one “consisting of at least 20 characters, including uppercase, lowercase letters, as well as symbols and numbers”.
He said passphrases – basically a sentence all mashed up together which is longer and sometimes easier for people to remember – are more secure than a simple word but only because “they create a longer password”.
“In general, just like passwords, passphrases can be very secure or not secure at all. It completely depends on the specifics of the passphrase chosen. If done properly, a passphrase has the potential to be plenty secure,” he said.
The least-secure passwords for Australians appeared to be used for streaming services – likely because they were generally shared with others – while financial services tended to have the highest password strength.
This is good considering scams cost Aussies a record $3.1 billion last year.
The annual Cyber Threat Report alarmingly revealed this week that there is a cybercrime reported in Australia every six minutes, but the true number is feared to be much higher.
Australians are a big target for cybercriminals given our wealth and high number of internet users.
The Australian Signals Directorate received 94,000 reports of cybercrimes over the past year, a 23 per cent jump from last year. Business email compromise cost the average victim $39,000.
Interesting password facts
The average user has 100 different passwords
18 per cent of items for sale on the dark web are online accounts with emails and passwords
86 per cent of web app attacks use stolen credentials
24 billion credentials have been breached since 2016
How to make a safe password
Use complex passwords: Your password should be at least 20 characters long and include a mix of uppercase and lowercase letters, numbers, and special symbols. Avoid using easily guessable information like birthdays, names, or common words.
Never reuse passwords: Do not fall into the trap of using the same password across multiple sites or services. If one account gets compromised, all your accounts could be at risk.
Check your passwords: Take the time to regularly assess your password health. Identify weak, old, or reused passwords and improve with new and complex ones for a safer online experience.
Use a password manager: Generate and store complex and unique passwords for each of your accounts with the help of a password manager. The tools can generate, retrieve and store complex passwords for you. Check out an explainer on six different options here.
The post Passwords to avoid at all costs: Aussies warned of most dangerous for 2023 that can be cracked in seconds First appeared on au.finance.yahoo.com