Cybercriminals use a variety of tactics to try to find your passwords. But too many people make it easy for them by using weak and simple passwords. A new Dojo study of the most cracked passwords can help you stay safer online by knowing which mistakes to avoid. From the RockYou2021 collection of hacked password lists, Dojo was indeed able to review over 6 million such passwords. The company discovered the most commonly used passwords, their average length, and the most popular topics that appeared in a large number of breaches.
Techniques of attack
But first, what are the tricks used by hackers to try to get your password? One of the most popular methods is the brute force attack. Cyber crooks use automated tools to sift through millions of potential passwords per second. A similar tactic is the dictionary attack, in which attackers check common words and phrases to try to guess your password.
Finally, some hackers scour your social media accounts for personal information that may play a role in your passwords. Sent via email, text message, or phone call, a phishing attack is another popular ploy through which you are tricked into revealing a sensitive password. Finally, passwords are sometimes stolen by malware that infects your PC without your knowledge.
Password size
According to Dojo’s analysis results, the number and type of characters used in a password determines how quickly it can be cracked. Passwords containing only lowercase letters are a popular but vulnerable pattern. A password with only six characters takes almost no seconds to crack. A seven-character password takes 0.12 seconds. And an eight-character password would take three seconds.
Even adding an uppercase letter, number, or special character isn’t much help if the password is short or follows a familiar pattern. Eight-character passwords beginning with an uppercase letter appeared more than 4.5 million times in data breaches. Those ending with a special character have been found over 3.5 million times.
Mario or Link, to be avoided
Dojo also notices that nicknames and endearing terms have been used over a million times in passwords. TV series character names appeared over 455,000 times, while TV series names appeared over 365,000 times. Other popular topics found in hacked passwords include colors, fashion brands, cities, countries, movies, body parts, car brands, animal names, swear words, and video game characters.
The passwords “King”, “Rose”, “Love”, “Boo”, “Hero” and “Angel” are the most popular nicknames and affectionate terms. Common colors used as passwords are “red”, “blue”, “black”, “gold” and “green”. Those who like to use video game characters for their password opted for “Joel” (from The Last of Us), “Q*Bert”, “Link” (from The Legend of Zelda), “Mario” (from Super Mario Bros) and “Ryu” (from Street Fighter).
Recommendations
In the end, here are Dojo’s recommendations.
- Use a combination of lowercase and uppercase letters, numbers and special characters to make your passwords harder to crack. Opt for long passwords, with at least 8 to 12 characters. The longer the password, the more time and effort it takes to guess it.
- Also use multi-factor authentication. This will prevent a hacker who has managed to get your password from logging into your account. And if you’re concerned that a particular password has been compromised or breached, be sure to change it as soon as possible to protect your account. Finally, use a password manager.
- However, do not use personal information in your passwords. Hackers can often learn your name, date of birth, or a pet’s name through social media and other resources.
- Also avoid common or obvious patternssuch as 1234. Do not share your password with others or automatically save your passwords in your browser.
- Finally, do not use the same password for multiple accounts. If one of your passwords is compromised, the hacker can easily try it on other sites you use.
Source: “ZDNet.com”