The NCSC (National Cyber Security Centre) recently published its first ‘UK cyber survey’ alongside a global password risk list. The password information is enlightening and a good reminder that weak passwords leave us all vulnerable – a summary of the survey is below.
A total of 187,219,153 passwords were leaked in the UK in 2021. The most common password used in the UK in 2021 was the very unoriginal “123456”, used 571,107 times throughout the year. It was the most popular password across the world, used 103,170,552 times globally. It would take a hacker around one second to crack.
“Password” was the second most common password in the UK, used 423,192 times. It came in at number five in the global ranking, used 20,958,297 times. Some 162,086 Brits were not very creative with their password choice, going for “password1”, bringing it to number four on the UK ranking.
Football was a theme in UK password choices, with “liverpool” coming in third place. The team name was 121 in the world ranking — used 934,857 times, it may be the most popular team in the world. “Liverpool1” was eighth on the UK list, “arsenal” was tenth, “chelsea” was at number 11, and “rangers” was at number 19. “Liverpool” was the only password in the UK top 15 that would take a hacker more than one second to crack — taking two seconds. The word “football” itself was the fourteenth most popular password in the UK, used 70,619 times, and was at number 60 globally, used 1,468,381 times worldwide.
Brits took inspiration from their keyboards, choosing “qwerty” 145,626 times. The word is made up of the first six keys on the top left letter row of a keyboard for Latin script alphabets. Globally it was used 22,317,280 times, the fourth most common password in the world in 2021.
Here at Valkyrie, to avoid the various password security threats which include – dictionary & credential stuffing attacks, password spraying, keylogging and phishing scams we suggest the following:
- Always set a strong password and avoid using personal information (e.g. Date of birth or your name) – prioritise password length and check password strength
- When setting a password include a combination and variety of random of letters, numbers, and characters
- Ideally avoid using ‘real words’
- Never reuse passwords
- Avoid repeat password, use different passwords for different accounts – mix them up
- Consider using a password manager – these are an excellent tool for people struggling to organise their own passwords
- Change your passwords regularly – Hackers use malicious programs that can process every word found in a dictionary to crack passwords
- Never share your passwords
- Avoid public WI-FI
If you need any advice on this or any other security related enquiry, please contact us at security@valkyrie.co.uk or telephone 02074 999 323.