Passwords are like keys; and like the keys to your house, you need to keep them safe.
In this post, I will run down the Top 20 of the worst passwords of 2020, plus keep reading for top tips about your online security.
2020 has already become a year to forget, and we’ve spent so much time inside, we’ve probably lost sight of the importance of our online security - even though we’ve been online more than ever.
Online security isn’t hard - but for some people, the choice of passwords leaves much to be desired.
More and more of us also use our fingerprint or face to unlock apps, doors, phones - but underneath that biometric is a password, waiting to be hacked!
That’s a big problem. In fact, NordPass has published their analysis of more than 275 million passwords; which show just how badly we treat our passwords.
The analysis revealed, in all its glory what are, frankly, the world’s 200 most stupid passwords.
Admittedly, many organisations don’t do a huge amount to help.
Oh, now-a-days most of them say that a password must include a capital letter, a special character, a number, and be at least 10 characters in length.
These worst password lists are not secret.
Why don’t businesses / websites prevent people from using them.
Why not force the user to try something else and reduce the risk in using such easily guessed passwords.
Most people need help, and that means making better passwords easier to achieve.
Let’s run-down the Top 20 of the most ridiculous passwords from 2020.
20 - NEW - qqww1122 - users 85,476
19 - UP - password1 - users 87,556
18 - NEW - aaron431 - users 90,256
17 - DOWN - iloveyou - users 106,327
16 - DOWN - 1234 - users 112,327
15 - UP - 000000 - users 122,982
14 - NEW Million2 - users 143,664
13 - UP - abc123 - users 151,804
12 - DOWN - qwerty - users 156,765
11 - UP - 1234567 - users 165,909
10 - NEW senha - users 167,728 (senha is Portuguese for password)
9 - UP - 1234567890 - users 171,724
8 - DOWN - 12345 - users 188,268
7 - UP - 123123 - users 189,327
6 - UP - 111111 - users 230,507
5 - UP - 12345678 - users 322,187
4 - UP - password - users 360,467
3 - NEW - picture1 - users 371,612
2 - UP - 123456789 - users 961,435
1 - UP - 123456 - users 2,543,285
Also, I have to mention this new entry, at 33 - unknown - Users 47,995
If you recognise any of those passwords, or any in the top 200 then you should really consider changing it.
Within the Top 200:
1 password took 3 years to crack,
2 of them took 12 days,
3 of them a couple of days,
9 of them took between 2 and 8 hours.
4 of them took between 17 and 60 minutes
13 of them took 2 minutes
The rest (168 of them) took less than 60 seconds to crack.
Keeping your passwords safe, strong and secure is so critical to keeping your online life out of the hands of the crooks. Using random passwords is best. Don’t use names, dates of birth - they’re far too easy.
A great example is to use the first letter of each word in a phrase. For example:
"I Love Going To The Movies With My Wife”
That becomes ILGTTMWMW - that’s pretty random in itself.
Now you can use upper case and lower case, substitute numbers, add a special character and you have a unique password: 1Lg2tMw*W
Now; at the same time as advocating the use of strong, unique, passwords, I have also constantly talked about the use of a password manager. A service that takes care of all your password needs - helps you to create them, and store them, without the need to write them down (or trying to remember them)!
The password manager I use is LastPass. I’ve been using them for a number of years, and without it, there would be no way to keep track and remember the 350+ passwords I have!
Sure, they’re not all in regular use, but it’s important they’re secure.
I also enable multi-factor authentication on as many accounts as I can. This means that access to the account is only available if I have my mobile phone with me; which generates a one-time password. You may have seen this also where a site will send you a code in a text message.
This means that, without your phone, your account remains safe.
It doesn’t stop there, because you also need to change passwords; reducing the risk even further. Yet another reason why a password manager is a great tool to have. Many of them will actually help you to change them - so you don’t need to think about it.
A password manager will generate random passwords for you, so you don’t even need to think about that either.
I have no idea what some of my passwords are - they are created and saved, then automatically filled in the website or app, as needed, without looking at it.
All I need to remember is the password for my LastPass account.
Password security is a subject close to my heart - and it should be close to yours too.
You can try LastPass for free. And whilst it is completely free to use - you’ll get the full benefits for just £31 per year for a single premium account, or £41 for a family account (for up to 6 users) which, to be honest, is a great price for peace of mind.
Take action and don’t become a victim to the hackers.
This post contains affiliate links. I may be paid a small commission when you purchase from them. This does not affect the price you pay.