The National Cyber Security Centre has called on Brits to take better care of their online accounts after it emerged that millions of people are still using easily guessed passwords.
The security agency joined forces with Troy Hunt to identify the top 100,000 passwords in his collection of breached login details.
The most hacked passwords included: “123456”, which was linked to 23.2m accounts; “123456789”, which was linked to 7.7m accounts and “qwerty”, which was linked to 3.8m accounts.
More than 400,000 accounts used “ashley” as a password, while nearly 300,000 used “liverpool”. “Blink182” was the most commonly referenced musician and “superman” the top fictional character.
“Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band,” said NCSC’s technical director Ian Levy.
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”
A survey of 1,350 Brits commissioned by NCSC ahead of its CyberUK conference this week revealed that only 15 per cent believe they know a great deal about how to protect themselves from fraud and cyber crime. The research also revealed that less than half of Brits do not always use a unique password for their primary email account.
Sign up to Emerging Threats, our weekly cyber security newsletter
“Cyber security is a serious issue, but there are some simple actions everyone can take to better protect against hackers.” said the minister for digital and creative industries minister Margot James.
“We shouldn’t make their lives easy so choosing a strong and separate password for your email account is a great practical step. Cyber breaches can cause huge financial and emotional heartache through theft or loss of data which we should all endeavour to prevent.”