Do you know what is the most insecure password in the world? Easy: “123456”.
Some, very clever, make it harder for hackers and use the key “123456789”. With this, the only thing they achieve is to have the second most insecure password in the world.
The rehabilitated criminal hackers who now face off against internet criminals
These two passwords are part of the blacklist published on Tuesday by the National Cybersecurity Center (NCSC), a government agency in the United Kingdom responsible for preventing and combating cybercrime.
The list published by the NCSC includes 100,000 of the most commonly used passwords that have been violated by third parties in global cyber attacks.
The NCSC warns that the publication of these passwords does not pose a risk since they are already in the public domain.
Why cybersecurity should be more like a chameleon than a rhinoceros
On the contrary, they say that this list is a way of raising awareness about the way in which attackers use the passwords they obtain illegally.
In addition, it can be a way to make work more difficult for cybercriminals and to reduce the risk of users of networks and digital platforms.
This is the list of the most insecure passwords in the world, according to NCSC:
If you wonder what “qwerty ” means, which appears in third place, the answer is that it does not mean anything. It’s just the order in which those letters appear from left to right on the computer keyboard.
Password , in position 4, means “password” in English.
Then there are others that, although they did not manage to enter the top 10, are just as “creative” : “1234567890”, “123123”, “000000”, “iloveyou”, “1234”.
And they could not miss the classic “qqqqqq”, “xxxxxx” or “aaaaa”.
How to remove all your personal information from your computer (and why formatting is not enough)
In the list of the worst passwords there are also very common terms like “superman” or “pokemon”, or names like “carlos”, “angela”, “maria” or “gabriel”, written like this, without capitals or accents.
There are other passwords that are also very insecure, but they do not appear in the list, for example when employees of the same company use the company’s name to access personal or corporate platforms.
Here you can see the complete list of 100,000 passwords.
The NCSC warning is clear and simple: “If you see a password on this list you use, you should change it immediately .”
The problem of recycling passwords
For NCSC, one of the biggest risks for people and companies is to use the same password for various platforms.
The password “123456”, for example, has appeared 23 million times in the leaks from which the listing was made.
Here are some recommendations from the NCSC to have more secure passwords:
- Use three random words, that you can easily remember but that do not have relation to each other, for example, something like “cafetrenpescado” or “murocamisanube”.
- It is almost impossible not to use the same password in several accounts, but in some cases, it is highly recommended that you do not use a password that you have already used. In cases such as banking, storage systems, email or social networks, it is better not to repeat passwords.
- To increase security, the NCSC recommends implementing two-step authentication systems, that is, in addition to the password, the account asks for a second access code, such as a temporary code or a security question.
- It is also advisable to use a password manager, in which you can store several of them safely.
- The experts in cybersecurity suggest not using personal data or repeating the username in the password. It is also advisable to combine letters, symbols, capital letters, and numbers.