Millions of people globally leave themselves open to fraud and identity theft for a very simple reason – they choose weak passwords when surfing the web.
Last year, a team of security researchers trawling the dark web assembled a three-terabyte file of passwords that had been stolen in hacking attacks and data breaches.
The resulting list of the 200 most common passwords they found came as no surprise to behaviour experts, or anyone who has racked their brain to come up with a memorable password to log into an app or website.
The most commonly chosen password in 2022 was “password”, which was identified 4.9 million times, followed by “123456”, with “123456789” in third place. Gender and nationality made no difference.
Since the first websites appeared asking for log-in details, many of us have lazily selected from the same narrow range of weak passwords. Cybercriminals celebrate our lackadaisical approach to security.
The password list, published by NordPass, a developer of password-manager software that allows you to automatically enter a complex password into websites and apps for greater security, also estimated how long it would take hackers to guess the passwords to gain unauthorised access
