Worst Passwords Of 2020 – Experts Perspectives

By   ISBuzz Team
Writer , Information Security Buzz | Nov 19, 2020 03:12 am PST

Password manager solutions NordPass has just issued findings on the 200 most commonly used passwords of 2020, including findings that some of the most commonly used passwords remain  “123456,” “123456789,” “111111” and “password” – as are “pokemon” and “princess.” Cybersecurity experts offer thoughts.

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Chloé Messdaghi
Chloé Messdaghi , VP of Strategy
November 19, 2020 1:50 pm

Re the NordPass findings of worst passwords of 2020 – where after analyzing 275,699,516 passwords leaked during 2020 data breaches, NordPass and partners found that the most common passwords are incredibly easy to guess — and it could take less than a second or two for attackers to break into accounts using these credentials. Only 44% of those recorded were considered \”unique.\”

It’s great that NordPass is reminding us that things have not changed. This shows that people don’t see themselves as targets, because if they knew they were, they’d act differently. It\’s as if the thinking is: if it hasn’t happened yet, why should I care?

Cybersecurity is about preventing fires rather than putting them out and dealing with the damage. Security is about preventing both the attack and its aftereffects: ATOs, ID thefts, the revelations of personal data & medical histories, etc. The reality is that until and unless we push out that information through broad channels to consumers who aren’t particularly interested in security or even technology, people will only care when awful things start happening to them of those they love.

It is time for a broad, government-driven awareness campaign. Companies need to join this awareness by insisting on longer, unique passwords, the use of password strengthening tools, and regular requirements to update passwords, supported by email campaigns.

Pretty much everyone’s data is out there now. It’s time to start protecting our population through education. After all, very few would put all of their monies in a bank with unlockable doors and vaults. Ignoring cybersecurity risk factors such as weak, obvious passwords boils down to the same thing.

Last edited 3 years ago by Chloé Messdaghi
Jake Moore
Jake Moore , Global Cyber Security Advisor
November 19, 2020 1:33 pm

Passwords have long been the bane of people’s lives. Therefore, to make them easier to remember, people often use familiar words and phrases multiple times across different accounts. However, threat actors are well aware of this and know how to abuse this mindset.

Password managers, which can hold all our passwords securely, are the answer to this problem. Although many people think that putting all their passwords in one place on the cloud could make them vulnerable to attack, the opposite is in fact true. The clever use of two factor authentication (2FA) and robust encryption are a far stronger mix than having to remember 100s of accounts, each with three random words.

Furthermore, to fully protect your IoT devices, you should look at implementing 2FA on each of the devices too.

Last edited 3 years ago by Jake Moore
Saryu Nayyar
Saryu Nayyar , CEO
November 19, 2020 11:14 am

The top 200 most common passwords report, sadly, has no real surprises. Security professionals have been trying to teach good password hygiene for decades and it seems that people don\’t want to learn the lesson.

We have tools such as behavior analytics that can identify a compromised user, and there are tools like password managers and multi-factor authentication that make authentication more secure. But we\’ll continue having these problems when users make it so easy for the bad guys by using painfully insecure passwords.

Last edited 3 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x