Passwords are meant to protect a user’s privacy of their account, but it can also be a nightmare for some with multiple passwords to remember. Hence, most would end up with simple and common passwords that are far too easy to crack. The UK’s National Cyber Security Center (NCSC) released a compilation of the most hacked passwords in the world as of 2019 and predictably, the worst passwords tend to be the most hacked.
According to the report, 23.2 million users hacked worldwide used the password ‘123456’, which is the highest in the list. The second was ‘123456789’ with 7.7 million hacked. Following these two are ‘qwerty’ and ‘password’, with 3.8 and 3.6 million accounts hacked respectively. These numbers point to a limitation of generic and weak passwords. While strong passwords should be complex and unique to foil hacking, they should be easy enough to remember at the same time. The difficulty in remembering complex passwords leads users to choose simpler ones, with the above results.
A solution to this may be to have an intermediate layer of software where a user only has to remember one password while the software connects to the other access points by more complex passwords. Smart cards, USB keys, or biometric readers could also be incorporated to make it more secure. Additionally, a better system than the current two-factor authentication using text messaging is to use a separate authenticator app. Password managers such as LastPass or 1Password are helpful in such situations to create passwords for users which are secured with a master password.