Three-quarters of the most popular passwords can be cracked instantly

Once again: make sure your passwords are secure.

We all know the importance of a secure, safe, uncrackable password to try and prevent falling victim to cybercrime. But what we know and what we do often differs wildly. The value of uncrackable passwords is of prime importance – not least because of how easy it is to break into accounts using some of the most popular passwords.

Using the top 10 passwords of 2020, NordPass calculated how long it takes hackers to be able to guess the passwords – and the results are shocking.

In all, 73% of the world’s most popular passwords can be cracked in less than a second using brute force attacks, which pelt password boxes with endless numbers of guesses that run through a database of some of the most popularly-used passwords that have turned up in exposed databases of hacked websites.

“The lesson here is that millions of people still use generic and weak passwords and don’t hear the message that a strong password is one of the most important measures for those who want to be secure online,” says Chad Hammond, a security expert at NordPass.

Speed of hacking is increasing

Less than a second is an incredibly quick time to be able to access nearly three-quarters of all the world’s most popular passwords currently in use – but even more alarmingly, the proportion of passwords that can be cracked easily is increasing over time.

When NordPass looked at the most popular passwords of 2019, and calculated how long it takes the average cyber crook to crack them, it was three percentage points lower.

Breaking a simple seven-character password with no special symbols or uppercase letters can take as little as 0.29 seconds, says the company. Adding two or more characters extends the amount of time taken to crack the password up to something closer to five years.

The most popular passwords used are things like 123456, picture1, password and – curiously – senha. There was a time when the average person believed that simply swapping out a letter for a number, or vice versa, could be enough to confound the criminals. However, we now know that isn’t the case: hackers have cottoned on to the way we try to adapt our passwords, and have rainbow tables that rifle through potential passwords quickly.

What to do to secure your passwords

“We recommend that people use strong passwords that are lengthy and contain letters, numbers, and special characters. In addition, the passwords must be unique for every account. Furthermore, it’s a good idea to use multi-factor authentication to enhance your protection even further,” says Hammond.

Reusing and recycling passwords on different services and sites may seem like an easy temptation, especially if you’re utilising longer, more complicated and extensive passwords. But it can be a drawback, and can make you more vulnerable to prolonged hack attacks that leave all your accounts vulnerable if just one is cracked by a cybercriminal. “That’s why it’s so important to use unique passwords for all accounts. Unfortunately, according to our survey, 63% of people reuse their passwords,” says Hammond.

Try to steer away from using any identifying information in your password that is accessible on the open internet to anyone.

If you profess a love for a particular sports team on your social media profiles, or give away your birthday somewhere, hackers will hone in on that and assume – often correctly – that it’s included in your password.

Try to make sure you’re regularly thinking about your information security, and trying everything you can to make it as difficult as possible for hackers to ascertain information about you and your life.