“Holden” is the tenth most popular password in Australia but if it’s one you use, prepare to be hacked.
However you will be slightly more secure than if you chose “123456”, which was used 308,483 times too often in Australia last year because every one of those led to a data breach.
Despite increasing concerns over cyber security, “123456” is the most common password in Australia and also in 43 out of 50 other countries analysed by independent research into 290 million data breaches worldwide last year.
It found Australia has similar slack password habits to other nations and C-suite occupants everywhere are among the worst offenders.
The research, conducted in conjunction with security specialist NordPass, revealed high-level executives and business owners are one reason why “123456” is in top spot.
Also high on the list is – of course – “password”, which was the second most popular digital padlock in Australia, as well as “qwerty”, which came in eighth and “australia” at 19th.
“It is unbelievable how similar we all think, and this research simply confirms that,” said NordPass chief executive Jonas Karklys.
“What we might consider being very original, in fact, can place us in the list of most common.
“Everyone from gamer teenagers to company owners are targets of cyber crimes, and the only difference is that business entities, as a rule, pay a higher price for their unawareness.”
The average cost of a data breach rose 10 per cent last year to US$4.24 million, according to an IBM report.
But attacks due to compromised credentials accounted for 20 per cent of all breaches and cost more on average, at $US4.37 million.
A global top 200 list of breached passwords compiled by NordPass showed the same themes cropping up as default choices, regardless of country or status of the user.
Random letter-number combinations, such as “1cG07=!g65” do not appear on the list because they are harder to crack and therefore breached less often.
But sports and football-related passwords are popular, especially among men, with “liverpool1”, “arsenal”, and “football1” among passwords that appeared on the list, while “Michael” and “Jordan” were also widely picked.
People everywhere also use loving phrases, such as “iloveyou” and its localised versions (“ichliebedich”, “tequiero” and so on).
Top executives were surprisingly fond of easily hackable passwords such as “1q2w3e” or “11111”, or creature names such as “dragon” and “monkey”.
Two of the most compromised countries were found to be France and the UK, with 200 million and 600 million leaked passwords respectively.
Tips for safe passwords
NordPass suggested three ways to raise password security:
- Deploy a password manager. Password managers allow you to store all the passwords in end-to-end encrypted digital storage locked with a single keyword for the most convenience.
- Introduce cyber-security training. Simple human mistakes are the leading cause of data breaches.
- Enable multifactor authentication. Using two or more mechanisms to validate a user’s identity – such as separate apps, security keys or biometric data – adds an extra layer of security.
Australia’s top 20 passwords
Philip King is editor of Accountants Daily and SMSF Adviser, the leading sources of news, insight, and educational content for professionals in the accounting and SMSF sectors.
Philip joined the titles in March 2022 and brings extensive experience from a variety of roles at The Australian national broadsheet daily, most recently as motoring editor. His background also takes in spells on diverse consumer and trade magazines.