A shocking number of passwords can be hacked in a minute – is yours one of them?
Having the same password for everything is simple. It’s easy to remember – which means it’s also easy to crack.
In some cases, in less than 60 seconds.
Cybersecurity firm Kaspersky analysed 193 million passwords and found that not only could 45% of them be guessed by scammers within a minute, but another 14% could be cracked within the hour.
Only 4% took from one month to a year to break, with 23% taking more than 12 months – the definition of being hacker resistant.
In 2023, cybercriminals made more than 32 million attempts to find out personal passwords, and that number is only growing, which means your account could be at risk.
But that’s not all. The firm said that only around 23% of the analysed passwords would take more than a year to crack.
So what makes a password easy to guess?
Along with the most obvious culprits, such as ‘password’ and numerical combinations such as ‘123456’, the majority of the passwords examined contained a word from the dictionary, which the security experts said reduces the password’s strength.
Another mistake people make is using a name in their password which can be easily identified, such as ‘Ahmed’, ‘Nguyen’, ‘Kumar’, ‘Kevin’ and ‘Daniel’.
The cyber security team said the most popular words used in passwords include ‘forever’, ‘love’, ‘google’, ‘hacker’ and ‘gamer’, and that standard passwords include ‘password’, ‘qwerty12345’, ‘admin’, ‘12345’ and ‘team’.
Kaspersky’s head of digital footprint intelligence Yuliya Novikova said: ‘Unconsciously, human beings create “human” passwords – containing the words from the dictionary in their native languages, featuring names and numbers etc.
‘Even seemingly strong combinations are rarely completely random, so they can be guessed by algorithms. Given that, the most dependable solution is to generate a completely random password using modern and reliable password managers.
‘Such apps can securely store large volumes of data, providing comprehensive and robust protection for user information.’
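The patterns described above (standard passwords, popular words, names) can be spotted mechanically, which is why they offer so little protection. The following Python example is added here and is not from Kaspersky or the original article: the word lists are the article's own examples, while the character-swap table, the function names and the sample passwords are assumptions made for illustration. It flags those patterns and generates a random password from the operating system's secure random source.

```python
import math
import re
import secrets
import string

# Word lists copied from the examples in the article. A real checker would
# load a full dictionary and a breached-password list instead (assumption).
STANDARD = {"password", "qwerty12345", "admin", "12345", "123456", "team"}
WORDS = {"forever", "love", "google", "hacker", "gamer", "password", "admin", "team"}
NAMES = {"ahmed", "nguyen", "kumar", "kevin", "daniel"}

# Common character swaps people use to "disguise" a word (illustrative subset).
SWAPS = str.maketrans("01345@$", "oieasas")
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def core(password: str) -> str:
    """Lower-case, drop leading/trailing digits and symbols, undo swaps."""
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return trimmed.translate(SWAPS)


def weaknesses(password: str) -> list[str]:
    """Return the reasons the article gives for a password being guessable."""
    found = []
    if password.lower() in STANDARD:
        found.append("standard password")
    body = core(password)
    found += [f"common word: {w}" for w in sorted(WORDS) if w in body]
    found += [f"name: {n}" for n in sorted(NAMES) if n in body]
    return found


def generate(length: int = 20) -> tuple[str, float]:
    """Random password from the OS CSPRNG plus its entropy in bits."""
    password = "".join(secrets.choice(ALPHABET) for _ in range(length))
    return password, length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    for sample in ("qwerty12345", "L0ve2024!", "K3vin_1990"):  # constructed samples
        print(sample, "->", weaknesses(sample))
    pw, bits = generate()
    print(pw, f"~{bits:.0f} bits")
```

Capital letters, swapped characters and a year on the end do not hide the underlying word or name from this kind of check.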
What do you do if your password has been compromised?
When your password has been stolen, it is important to first change the password of the account that was hacked, and any others that may share the same password.
Depending on what was hacked, you may need to get new passwords for:
- Banking websites
- Social media platforms
- Email accounts
- Any other website that has your financial information linked to it
Then check your bank statements periodically to make sure that your credit or debit information has not been exposed. If you spot anything unusual, contact your bank straight away.
If your social media or email password has been stolen, check if you can log into your account, and if you can, change your password.
If you can’t log in, notify as many people as you can about any potential scam links, and contact the platform to report the account.
But if you’re worried about your password being stolen, the firm offered some simple ways to strengthen the security of your account.
It said that adding numbers, or a couple of capital letters and symbols such as £, $, @ or !, will help make passwords harder to guess.
Kaspersky also recommended not using passwords that can be easily guessed from your personal information, such as birthdays, names of family members, pets, or even your own name.
The firm also suggested using a password manager, which means you only have to memorise one long master password. For extra protection, you can use two-factor authentication, which adds another layer of security to your account.
