Researchers at Digital Shadows report having collected over 24 billion usernames and passwords from the dark web – an increase of 65% in just two years. Even after removing duplicates, they still found 6.7 billion unique credentials, an increase of 34% in just two years. Excerpts:
- We collated more than 24 billion compromised credentials.
- approximately 6.7 billion credentials had a unique username-and-password pairing
- The most common password, 123456, represented 0.46 percent of the total of the 6.7 billion unique credentials.
- Information-stealing malware persists as a significant threat to your credentials. Some of these tools can be bought for as little as $50, and some go for thousands, depending on functionality.
- 49 of the top 50 most commonly used passwords could be cracked in less than a second. Adding a special character to a basic ten-character password adds about 90 minutes to that time. Adding two special characters boosts the offline cracking time to around 2 days and 4 hours.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.