It’s no secret that 2023 is going down as a bit of a dumpster fire, so is it any surprise that people are still using garbage passwords?
Despite being told time and time again that we should all be using stronger, more creative passwords to protect our online information and data, many Canadians are still using the weakest passwords possible, new research shows.
Password manager NordPass has discovered that of the 200 most common passwords used worldwide this year, about 70 per cent can be cracked in under a second.
In Canada, “123456” is the most common password for 2023, followed closely by “admin” and “password.” All three can be cracked in less than a second.
It’s not just a Canadian thing, however. A third of the world’s passwords consist purely of numerical sequences such as “123456789”, “12345”, and “00000”.
The 20th most popular password in Canada, interestingly enough, is “keeptrying”, which NordPass says takes about 11 days to hack, making it the most secure password on the most popular password list.
That said, not all password combinations are created equal — most people seem to create a slightly stronger password for their financial accounts, while the weakest passwords are typically reserved for streaming service logins, NordPass found.
Globally, internet users are also prone to using a brand or company name in their password. For example, when using an app on a smartphone, passwords often include the name of the device or app – “iPhone6s”, “Samsung1”, “1messenger”, and so on.
It only makes sense that one of the top passwords used to log in to Amazon is — wait for it — “amazon”.
Regional differences also come into play as well, the data shows. In places like the U.K., soccer team names are often included in passwords, while U.S. internet users like to select their favourite football team to use as part of a password. In Canada, the eighth most popular password is “Canad1en5”, showing our allegiance to hockey.
The top 10 passwords used by Canadians in 2023 are:
- Kate Middleton, King Charles named as Archie’s alleged skin-tone questioners in Dutch ‘Endgame’ tell-all
- Canada rolls out new 988 suicide crisis helpline. Here’s how it works
- Ontario rolled the dice for online gaming companies. People are betting a lot
- Create breast implant registry, health committee says in new report
When it comes to creating a strong password that proves difficult to crack, it’s going to take a bit more effort, says NordPass chief technology officer, Tomas Smalakys.
“123456 just doesn’t cut it anymore,” he says, likening an easy-to-guess password to leaving the front door of your house open when you go on vacation.
He says passwords should be 20 characters long and contain both upper and lowercase letters, symbols and numbers. Each login should have its own password — recycling passwords across sites and apps makes you more vulnerable to having multiple accounts hacked if your data is leaked.
NordPass also recommends not storing passwords on an internet browser, instead opting for a third-party software management software.
To reach their findings, the NordPass cybersecurity experts studied a list of passwords compiled in a 4.3-terabyte database extracted from various publicly available sources, including those on the dark web.
To access the world’s Top 200 most frequently-used passwords, or to do your own dive into the data, click here.