NordPass recently released a report of the top 200 most common passwords of the year 2020. Additionally, NordPass compared the list with the most common passwords of 2019, to see what changes occurred in employee and user password behaviors.
NordPass serves as a proprietary password manager. It offers a secure encrypted password vault, and can sync passwords across all of your devices. Also, it provides secure share, biometric authentication, and unlimited password storage.
Some of the most common passwords include references to entertainment (“pokemon”), food (“cookie”), and sports (“soccer”). Common words and references like these only take a matter of seconds or less to crack; often, they have been exposed thousands if not millions of times before in previous breaches. Thus, attackers often use them as staples in credential stuffing attacks to the detriment of businesses of all sizes.
Among the top ten most common passwords of 2020, “123456,” “123456789,” “picture1,” “password,” “12345678,” “111111,” “123123,” “12345,” “1234567890,” and “senha” all appear. On average, it takes hackers less than a second to crack these passwords. The other most common passwords take only a matter of seconds to only a few days to crack.
Saryu Nayyar, CEO of Gurucul offered some thoughts on the findings. “The top 200 most common passwords report, sadly, has no real surprises. Security professionals have been trying to teach good password hygiene for decades and it seems that people don’t want to learn the lesson.”
“We have tools such as behavior analytics that can identify a compromised user, and there are tools like password managers and multi-factor authentication that make authentication more secure. But we’ll continue having these problems when users make it so easy for the bad guys by using painfully insecure passwords.”
Latest posts by Ben Canner (see all)
- Findings: 2020 Gartner Magic Quadrant for Access Management - November 25, 2020
- What is the Future of Identity? An Interview with Amit Saha of Saviynt - November 24, 2020
- How to Protect a Transformed IT Infrastructure Through Identity Management - November 23, 2020