One in Every 142 Passwords is '123456', New Research Shows


July 02, 2020

Promo Protect all your devices, without slowing them down.
Free 30-day trial
One in Every 142 Passwords is '123456', New Research Shows

“123456” is the most widely used password on breached accounts, according to a recent password re-use study c by computer engineering students at Cyprus University.

Last month, student Ata Hakçıl analyzed more than 1 billion username and password combinations that were leaked online from various corporate data breaches, revealing some alarming results:

• 1 billion credentials were reduced to just 168,919,919 passwords and 393,386,953 usernames
• The most common password is 123456, covering around 7 million entries per billion
• The most common 1,000 passwords cover 6.607% of all passwords
• Average password length is only 9.4822 characters long
• Only 12.04% of analyzed passwords contained special characters
• 28.79% of passwords contain letters only
• 26.16% of passwords are lowercase only
• 13.37% of passwords are numbers only
• 34.41% of all passwords end with digits, but only 4.522% of all passwords start with a digits

Only 8.83% of analyzed passwords were unique, with an average length of 9.7965 characters. 20% of the passwords contained letters only and 15.02% displayed just lowercase letters.

Making matters worse, the analyzed data was gathered from various data dumps, including some roughly five years old. User behavior has apparently not improved over time, and there is no doubt that cyber criminals have exploited this carelessness.

You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

This statement can be backed up by the conflicting state of Internet users when it comes to their account security. A May report issued by LastPass, 80% of respondents said they were concerned with having their passwords stolen. However, 66% of participants use the same password on their online accounts, and 53% have not changed their passwords in the last 12 months.

Taking into consideration the vulnerable state of the digital landscape, users should start focusing on the security of their online accounts. It might be time-consuming for some, but can you put a price on your account privacy and safety of personal information?

Good cyber hygiene practices is the first step. Start with analyzing your password re-use and complexity. If you need some help with creating strong, yet easy-to-memorize passwords, we”re here to assist you with some handy tips and additional security practices to better secure your online accounts.




Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.

View all posts

You might also like