News
These 20 common passwords are being sold on the dark web
Seriously, if you have a password on this list, change it now.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
A new report from cybersecurity firm Lookout (via CNBC) shows the 20 most common passwords leaked on the dark web, and they’re nasty. Really, anyone using anything on this list in 2022 should be ashamed.
The list ranges from common manufacturer defaults like “12345678” and “Password,” to easily-typed phases like “Iloveyou.” Sure, they’re easy to remember. It’s also easy to remember for millions of other internet users, so you’re leaving your accounts wide open.
It’s hard enough keeping your accounts safe with unique passwords. The number of data breaches in the U.S. hit a new record last year, 1,862 which is a 68-percent increase over the number in 2020.
20 most common passwords found on the dark web
- 123456
- 123456789
- Qwerty
- Password
- 12345
- 12345678
- 111111
- 1234567
- 123123
- Qwerty123
- 1q2w3e
- 1234567890
- DEFAULT
- 0
- Abc123
- 654321
- 123321
- Qwertyuiop
- Iloveyou
- 666666
Read it and weep. No really, if your password is on this list, assume every single account or piece of technology you own is breached. If not now, it’s only a matter of time.
READ MORE: What are smishing attacks and how can you avoid them?
The other thing to note here is that the default login password for many popular routers is ‘password.’ The other most common default is ‘admin,’ so please go set up a unique login password for your router.
It’s often the only piece of technology that stands between your home network and the rest of the internet; so securing it is important.
Passwords are dumb, hackers are smart
Again, if you’re still using one of the most common passwords that were found leaked on the dark web, it’s time to stop. Enroll in a password manager, like 1Password, LastPass, or even Apple iCloud Keychain.
It’s probably also a good idea to add two-factor authentication for any accounts that support it. Avoid using SMS two-factor though, as it’s insecure. A determined hacker can get your phone number cloned and intercept those.
You could also go the hardware-based authentication route. YubiKey is the most popular option here, and we really like that you can get one with a Keyport Pivot to store your house keys alongside your digital hardware key.
Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.
Editors’ Recommendations:
- How to change your Gmail password and reasons you should
- The kid who remotely hacked a bunch of Teslas hacked his way to owners’ contact info
- In its fight against Russian hackers, the Biden administration is making progress
- Surprise! The CIA has a secret stash full of data on Americans
Follow us on Flipboard, Google News, or Apple News
