There are lazy passwords everywhere. These are passwords that are reused on multiple accounts and passwords that are simple and easy to crack. A recent NordPass report has identified the top 200 most commonly used passwords and let’s just say, most of them do not require a password cracking tool to guess. Here are the top 5 most commonly reused passwords in the United States according to NordPass:
- password
- 123456
- qwerty123
- qwerty1
- aaron431
Four out of five of those makes sense, but “aaron431” is definitely an outlier and as of this writing, I am still unsure how or why it is so high on NordPass’s list of most commonly used passwords. It is possible it is a default password for a popular device or service, a popular default password of a large organization, a breached password that has since been used on multiple breached accounts, or maybe it is in error. Hopefully we find out why or how it made the list!
Password reuse
So we like to use simple passwords that are easy to remember, but we only use them on one account, right? According to cybernews.com, more than 60% of Americans reuse passwords. So we are using really simple passwords and we are also reusing them, no wonder why so many accounts get breached every year!
Password solutions
So why do we reuse passwords and why do we use simple passwords? Passwords get in the way and are hard to remember. So we use easy ones over and over again. This makes it easier for us to remember and access our accounts, but it also makes it easier for cybercriminals to crack our accounts.
Password managers are one of the best ways to take control of passwords.Unfortunately though, only 36% of adults in the United States subscribe to a password manager. Password managers help take control of lazy passwords by being able to securely store long, complex, and unique passwords. This allows a user to get away from the simple and reused passwords.
Many password manager solutions are low cost to use and some even no cost. This cybersecurity tool is one of the best ways to minimize the risk of business accounts being taken over by cybercriminals, especially when used with multifactor authentication. As a quick reminder, multifactor authentication adds additional steps once a user enters in their account credentials. The extra steps can vary with the following being commonly used:
- SMS code
- Email code
- Authenticator app
- Push notification
- USB key
Subscribe to our monthly email newsletter to keep your small business up-to-date on all the latest cybersecurity news! For more information on protecting your small business from cyberattacks and other cybersecurity topics check out Small Business, Big Threat!