If your password is ‘p@ssw0rd’ or ‘admin’, you should probably change it right now.
A new piece of research by online security firm Rapid7 has taken a different approach to highlighting the kind of passwords you should steer clear of.
Rather than publishing yet another list of the dumbest passwords chosen by users, Rapid7’s new report details the passwords that hackers are actively using when trying to break into computer systems or your personal online data.
By recording what passwords hackers used to break into a variety of internet-connected devices such as point-of-sale systems, kiosks and desktop computers, Rapid7 was able to put together the list of most hackable passwords.
Top 10 passwords most likely to get you hacked
To keep track of the passwords the hackers used, the security firm set up several ‘honeypots’ – areas of a website which look legitimate but which have actually been created to act as bait for the hackers.
During the year-long study, the honeypots logged a staggering 221,203 login attempts from more than 5,000 different devices in 119 countries.
In total, hackers tried 1,806 different usernames and 3,969 different passwords.
The findings of the report are pretty shocking, especially given how terribly simple some of the passwords in the list are. Examples include ‘admin’, ‘Zz’, ‘x’ and ‘administrator’.
Last year, a report by another security firm revealed the most common password of 2014 was ‘123456’.
The study by Rapid7 reveals that people and businesses are still getting it wrong when it comes to password security. Despite the more sophisticated techniques hackers use to try to gain access to passwords and personal data, one of the easiest ways to get into a person’s account is simply to guess their password.
Specialist hacking software can do this automatically and often starts with the simplest password combinations.
Users often share passwords across accounts, so once hackers have guessed one password, it is likely they could have access to multiple accounts such as email, Facebook and even online banking.
When choosing a password, you need to ensure it is suitably strong and, where possible, implement two-factor authentication.
Source: Rapid7
Jonathan is our Google Nexus and Android enthusiast. He is also fanatical about football, which makes it all the more strange that he should support Stockport County. In addition to writing about tech, Jonathan has a passion for fitness and nutrition and has previously written for one of the UK’s leading watch and horology websites.