Study exposes simple passwords fuelling data breaches
A new study by KnownHost has revealed the most easily hacked passwords, exposing a widespread vulnerability to cyberattacks.
The research, which analyzed millions of breached records, found that simple numerical sequences like “123456” and “123456789” top the list of vulnerable passwords, highlighting a dangerous disregard for basic security practices. These two passwords alone have been linked to over 70 million data breaches.
The study examined 200 commonly used passwords, calculating their “hackability” based on their prevalence in data breaches between 2007 and 2024 and the time it takes to crack them. Shockingly, passwords consisting solely of numbers make up 70% of the top ten most vulnerable passwords. Many of these could be cracked in less than a second, according to the research.
While many websites now require complex passwords with a mix of characters, the study found that a significant number of people still opt for easily guessable combinations. Even seemingly longer passwords offer little protection if they follow simple patterns. For example, “12345678,” though longer, is still highly vulnerable. The word “password” itself also makes the top ten list, underscoring the lack of creativity and security awareness among many users.
The consequences of weak passwords are significant. With over one billion records stolen in the US alone in 2024, data breaches are a growing epidemic. Cybercriminals use various methods, but weak passwords provide an easy entry point. The Ticketmaster breach, where hackers exploited reused passwords, is a prime example.
KnownHost CEO Daniel Pearson emphasized the urgent need for better password hygiene. He urged individuals and businesses to adopt stronger practices, including unique passwords for each account, the use of password managers, and multi-factor authentication.
For more information and to view the full study, click here.
