According to the US-based password management company Keeper Security, ‘123456’ was the most common password of 2016, followed by ‘123456789’ and ‘qwerty’. Researchers came to this conclusion after reviewing over 10 million passwords that became public through recent security breaches.
The study also found that four of the top 10 passwords on the list are six characters or shorter. The passwords ‘12345678’, ‘111111’, ‘1234567890’, ‘1234567’, ‘password’, ‘123123’ and ‘987654321’ rounded out the top ten.
In the 2012 Yahoo breach, hackers exposed more than 450,000 login credentials. "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," the hackers said in a comment at the bottom of the data dump. "There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage."
The list of most frequently used passwords has not changed much over the years, and users are not aware of the risks involved with weak passwords.
According to the report, four of the top 10 passwords on the list – and seven of the top 15 – are six characters or shorter. In the era of brute-force attacks, hackers can crack those passwords in seconds.
The presence of passwords like “1q2w3e4r” and “123qwe” indicates that some users attempt to use unpredictable patterns to secure their passwords, but their efforts are weak at best. Dictionary-based password crackers can easily check sequential key variations to crack such passwords.
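As an added example (not part of the original article or the Keeper report), this Python check shows from the defender's side why such patterns add no real unpredictability: every password is split into runs of physically adjacent QWERTY keys, and anything built only from such runs is rejected at signup. The function names and the sample strong password are constructed for illustration; the top-ten set is the list quoted above.

```python
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}
# Top ten as quoted in the article; a real deployment would load a larger breached-password list.
TOP_TEN = {"123456", "123456789", "qwerty", "12345678", "111111",
           "1234567890", "1234567", "password", "123123", "987654321"}

def adjacent(a, b):
    """True if a and b are the same key or physical neighbours on a QWERTY layout."""
    if a == b:
        return True
    if a not in POS or b not in POS:
        return False
    (r1, c1), (r2, c2) = sorted((POS[a], POS[b]))  # upper row first
    if r1 == r2:
        return abs(c1 - c2) == 1
    # Rows are staggered: each key touches the two keys directly above it.
    return r2 - r1 == 1 and c1 - c2 in (0, 1)

def walk_segments(password):
    """Split a password into maximal runs whose consecutive characters are adjacent."""
    pw = password.lower()
    segments, start = [], 0
    for i in range(1, len(pw) + 1):
        if i == len(pw) or not adjacent(pw[i - 1], pw[i]):
            segments.append(pw[start:i])
            start = i
    return segments

def is_keyboard_pattern(password, min_run=3):
    """True if the whole password consists of keyboard walks, sequences or repeats."""
    segments = walk_segments(password)
    return bool(segments) and all(len(s) >= min_run for s in segments)

def weakness(password):
    """Return the reason a password should be rejected, or None if no check fires."""
    if password.lower() in TOP_TEN:
        return "on common-password list"
    if is_keyboard_pattern(password):
        return "keyboard walk or sequence"
    if len(password) <= 6:
        return "six characters or shorter"
    return None

if __name__ == "__main__":
    # Sample inputs: two from the article, one from its top ten, one constructed.
    for candidate in ["1q2w3e4r", "123qwe", "password", "T7#kLm2!vQ"]:
        print(candidate, "->", weakness(candidate))
```

Note that ‘password’ is not a keyboard walk and is caught only by the list lookup, which is why the two checks are kept separate.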
This disclosure comes at a time of heightened awareness over password security management.