UK’s most-hacked passwords revealed
Brits have been urged to apply steps to stay safe online after results of the UK Cyber Survey exposed exploitable gaps in their personal security knowledge.
The polling was independently carried out on behalf of the National Cyber Security Centre (NCSC), a part of GCHQ, and Department for Digital, Media and Sport (DCMS).
The findings, released ahead of the NCSC’s CYBERUK 2019 conference in Glasgow this week, will inform government policy and the guidance offered to organisations and the public.
The cyber summit will see a range of sessions delivered by industry, academia and government, including a keynote speech by Cabinet Office Minister David Lidington.
Amongst the results were that;
- Only 15% say they know a great deal about how to protect themselves from harmful activity
- The most regular concern is money being stolen – with 42% feeling it likely to happen by 2021
- 89% use the internet to make online purchases – with 39% on a weekly basis
- One in three rely to some extent on friends and family for help on cyber security
- Young people more likely to be privacy conscious and careful of what details they share online
- 61% of internet users check social media daily, but 21% report they never look at social media
- 70% always use PINs and passwords for smart phones and tablets
- Less than half do not always use a strong, separate password for their main email account
The NCSC has also today published separate analysis of the 100,000 most commonly re-occurring passwords that have been accessed by third parties in global cyber breaches.
The results show a huge number of regularly used passwords breached to access sensitive information.
|Most used in total||Names||Premier League football teams||Musicians||Fictional characters|
|123456 (23.2m)||ashley (432,276)||liverpool (280,723)||blink182 (285,706)||superman (333,139)|
|123456789 (7.7m)||michael (425,291)||chelsea (216,677)||50cent (191,153||naruto (242,749)|
|qwerty (3.8m)||daniel (368,227)||arsenal (179,095)||eminem (167,983||tigger (237,290_|
|password (3.6m)||jessica (324,125)||manutd (59,440)||metallica (140,841)||pokemon (226,947)|
|1111111 (3.1m)||charlie (308,939)||everton (46,619)||slipknot (140,833)||batman (203,116)|
Dr Ian Levy, NCSC technical director, said:
“We understand that cyber security can feel daunting to a lot of people, but the NCSC has published lots of easily applicable advice to make you much less vulnerable.
“Password re-use is a major risk that can be avoided – nobody should protect sensitive data with somethisng that can be guessed, like their first name, local football team or favourite band.
“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”
Margot James, DMCS’ Digital and Creative Industries Minister, said: “Cyber security is a serious issue, but there are some simple actions everyone can take to better protect against hackers.
“We shouldn’t make their lives easy so choosing a strong and separate password for your email account is a great practical step.
“Cyber breaches can cause huge financial and emotional heartache through theft or loss of data which we should all endeavour to prevent.”
The compromised passwords were obtained from global breaches that are already in the public domain having been sold or shared by hackers.