The most used passwords in 2024 are harmful

“123456” topped the list of most used passwords in 2024 published by NordPass. This confirms that global technology has a big problem and that the implementation of alternative digital security methods must be accelerated.

Password manager NordPass has published the sixth edition of its Top 200 most frequent passwords. The annual list, by now a classic at this time of year, is compiled from data obtained by analysing the largest data breaches resulting from attacks on Internet services. It covers 44 countries, with separate national lists and a joint worldwide one.

Most used passwords in 2024

Everything we have been saying in previous years applies to this one as well. These passwords are a bargain for cybercriminals, who don't even have to use advanced hacking methods: most of the passwords in use are so weak that, with a single command, anyone can crack them in a short time. According to the research, 78% of the world's most popular passwords can be cracked in less than a second. In this respect things have even worsened, since last year the figure was 70%.

The most used passwords in 2024 in Spain are simply pitiful:

  1. 123456
  2. 123456789
  3. 12345678
  4. Spain
  5. qwerty123
  6. 12345
  7. qwerty1
  8. 1234567890
  9. password
  10. 1234567
  11. barcelona
  12. 000000
  13. 111111
  14. SPAIN
  15. qwerty
  16. alejandro
  17. 123123
  18. Spain
  19. cristina
  20. Qwerty123

History repeats itself year after year, and for the worse. Among the trends, the company highlights:

  • Almost half of the most common passwords in the world this year are made up of the simplest combinations of numbers and letters on the keyboard, for example “qwerty”, “1q2w3e4r5t” and “123456789”.
  • Spaniards often incorporate cities and places in Spain into their passwords, reflecting a sense of local pride. This year, passwords such as “España”, “españa” and “barcelona” stand out, showing the attachment to these places.
  • The word “password” can already be considered one of the most frequent and long-lasting. Year after year, it tops the list of all countries. In Spain, it is the ninth most used password. For Brits and Australians, it’s number one.
  • The popularity of “qwerty” has been challenged by the equally weak “qwerty123”, which is now the most common password in Canada, Lithuania, the Netherlands, Finland and Norway. In the United States, this password has also made a big jump this year, ranking in the top 5.

Another negative aspect is that 40% of the most used passwords are the same among individuals and employees. On average, an Internet user can have 168 passwords for personal use and 87 passwords linked to their work activity. Since managing this load is simply too complicated for most people, experts say it is natural that there is a tendency to create weak passwords and, even worse, to reuse them on multiple platforms.

Is there a solution? Yes, create strong passwords

The implementation of more advanced functions (secure and user-friendly) that free us from passwords is urgent, and everything indicates that passkeys (unique codes linked to specific devices, such as computers, tablets or smartphones) will be the method of choice, along with, in general, everything that comes from biometrics.

Until that happens and taking into account that passwords continue to be the preferred authentication method for logging into operating systems, applications, games or accessing Internet services on all types of machines, we must make an effort to create and maintain them. Once again, we leave you the general recommendations for creating them:

  • Combine uppercase with lowercase and also numbers with letters.
  • Add special characters.
  • Lengthen the password with as many characters as possible.
  • Never use typical words or common numbers.
  • Never use personal names, pet names, or birth dates.
  • Don’t use the same password on all sites.
  • Use specific passwords that are as strong as possible for banking and online shopping sites where we expose credit cards or other types of financial information.
  • Keep your password safe from any third party.
  • Never reveal your password to anyone, not even in response to supposedly official requests, which are usually phishing attacks.
  • Reinforce passwords with functions such as two-factor authentication (2FA) or biometric systems, fingerprint sensors or facial recognition, whenever they are available.
  • Clean up unused online accounts as a regular maintenance task.
  • Check whether your passwords have been compromised. Have I Been Pwned is a good place to look, as are the browsers' password managers.
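
The patterns described in this article (keyboard combinations, repeated digits, a common word or place name with a number tacked on) can be rejected at the moment a password is set. The following check is an added example, not code from NordPass or from the original article; the function names, the 0.8 threshold and the blocklist (built from the Spanish top 20 quoted above) are assumptions.

```python
import re

# Constructed blocklist: the Spanish top-20 entries quoted above, lowercased.
BLOCKLIST = {
    "123456", "123456789", "12345678", "spain", "qwerty123", "12345",
    "qwerty1", "1234567890", "password", "1234567", "barcelona", "000000",
    "111111", "qwerty", "alejandro", "123123", "cristina",
}
# Keyboard rows plus the zig-zag between the digit row and the top letter row.
KEY_RUNS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
            "1q2w3e4r5t6y7u8i9o0p")
# Every ordered pair of neighbouring keys along those runs, in both directions.
ADJACENT = {a + b for run in KEY_RUNS for a, b in zip(run, run[1:])}
ADJACENT |= {pair[::-1] for pair in ADJACENT}


def walk_ratio(password: str) -> float:
    """Fraction of consecutive character pairs that are keyboard neighbours."""
    s = password.lower()
    if len(s) < 2:
        return 0.0
    pairs = [s[i:i + 2] for i in range(len(s) - 1)]
    return sum(p in ADJACENT for p in pairs) / len(pairs)


def weaknesses(password: str, walk_threshold: float = 0.8) -> list[str]:
    """Return the reasons to reject a candidate password (empty list = none found)."""
    lowered = password.lower()
    # Drop trailing digits and symbols: "barcelona2024!" -> "barcelona".
    stem = re.sub(r"[\d\W_]+$", "", lowered)
    reasons = []
    if lowered in BLOCKLIST:
        reasons.append("common password")
    elif stem and stem in BLOCKLIST:
        reasons.append("common word with suffix")
    # One to three characters repeated over the whole string: "000000", "123123".
    if re.fullmatch(r"(.{1,3})\1+", lowered):
        reasons.append("repeated block")
    if walk_ratio(password) >= walk_threshold:
        reasons.append("keyboard walk")
    return reasons


if __name__ == "__main__":
    for candidate in ("123456", "Barcelona2024!", "1q2w3e4r5t", "gV7#mQz!p2Lx"):
        print(candidate, weaknesses(candidate))
```

An empty result only means none of these patterns matched; it does not show that the password is absent from breach data.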

Password managers, very useful

It is almost impossible for a human Internet user to securely manage the credentials for the hundreds of accounts that we surely subscribe to. There is a group of applications that are very helpful here. Basically, this type of software reduces human errors in password management, since it automates the process of generating passwords and accessing websites and services.

Of course, the passwords created by these managers are highly secure, meeting accepted standards in size and complexity. They also help against phishing attacks by immediately identifying characters from other alphabets, and they add a huge advantage: we only need to remember a master password and the manager will do the rest.

Surely applications like NordPass, LastPass and other commercial and/or paid applications sound familiar to you, but in our practical section we proposed five completely free open source solutions that our users really liked. The great advantage of open source managers is the possibility of auditing the software and keeping the credentials under your control, installing and self-hosting them on your own machine. We remind you of the three that we like the most:

– KeePass. It’s the ‘granddaddy’ of open source password managers and has been around since the days of Windows XP. KeePass stores passwords in an encrypted database that you can access using a password or digital key. You can import and export passwords in a wide variety of formats.

– Bitwarden. Especially intended for LastPass users looking for a more transparent alternative, it works as a web service that you can access from any desktop browser, while Android and iOS have their respective mobile apps. Bitwarden can share passwords and has secure access with multi-factor authentication and audit logs.

– Passbolt. A self-hosted password manager designed specifically for work teams. It integrates with online collaboration tools such as browsers, email or chat clients. You can self-host the program on your own servers to maintain complete control of the data, although teams without experience or infrastructure can use a cloud version that hosts it on the company’s servers.

Web browser managers

If you do not want to use third-party managers, another option is to use the browsers’ own password managers. Chrome, the leader in the segment, has improved its operation and capacity considerably in the latest versions, including functions offered by the specialists above, such as the detection of compromised passwords, a warning when it considers one weak, and very simple editing of passwords within the manager itself.

The manager stores them securely, allows them to be managed in the browser or globally on this page and uses them to complete the username and password fields the next time you visit a website. This is very similar to what Mozilla has been doing for Firefox with its ‘Password Manager’, which is one of the best in web browsers. Microsoft’s Chromium-based Edge also has its own manager, which offers the basics of a dedicated manager.

Yes. The most used passwords in 2024 are still as weak as in previous years. And there is no excuse possible. It will only take a few minutes to improve Internet security and that of our digital home. And it is a great investment. Let’s stop being a bargain for cybercriminals!

Source: www.muycomputer.com