World Password Day: 84% of Brazilians’ most common passwords can be hacked in less than a second

May 5th is known globally as World Password Day. Celebration has been around since 2013, devised by information security researcher Mark Burnett and later adopted by Intel as a reminder to users to boost security with their data.

Weak passwords remain a huge Achilles heel for users around the world. The list of the 200 most used in 2021, which was released recently, reinforces this problem. The classic “123456” continues to top the rankings not only in Brazil, but in 41 other countries. 84.5% of the passwords in order, in the Brazilian context, will be cracked by the hacker.

“This is a particular problem when a large part of it does not require any hacking knowledge to be guessed. They are very clear keyboard sequences or very easy words,” says Leonardo Camata, Information Security Specialist at ISH Tecnologia.

“The logic is pretty straightforward. If you don’t make any effort to come up with a good password, hackers probably won’t need much to crack it either.”

Check out the ten most common passwords in Brazil below (and watch if you don’t use any):
First – 123456
The second – 123456789
Third – Brazil
Fourth – 12345
V – 102030
Sixth – Password
Seventh – 12345678
Eighth – 1234
Ninth – 10203
Tenth – 123123

“The worrying trend observed is that people in general tend to be lazy when it comes to creating a password,” says Kamata.

In addition to those described above, names related to food and animals are frequent and should be avoided. “It is also interesting to note the number of passwords associated with major events that occur in the year. In 2021, a large part of the credentials were related to some Olympic Games in Tokyo”, comments Kamata.

How do I create a strong password?

Camata lists some tips for creating strong credentials:

Avoid the generic type – this is probably the most important tip. Any character order that makes sense to anyone in the world (like an obvious string of keyboard characters, a celebrity, or a team) is more likely to be leaked.

Avoid Personal Information – This applies to first name, last name, or date of birth. Camata also points out to avoid any personal information that can easily be found on the web (such as the team you support, the name of a pet).

Length matters – the longer your password is, the more difficult it is to crack it. Ideally, use one that is at least 12 characters long.

One Time Passwords – After coming up with a difficult and seemingly random password, many still make the mistake of reusing it elsewhere. The ideal is to have one credit card for each service used. A password manager is useful here.

Mix symbols – Another good idea is to nest different types of characters, such as uppercase and lowercase letters, numbers and other keyboard symbols.

curiosity

An analysis of the 200 most used credentials reveals some interesting facts:

– The English football team Liverpool was the most used passwords among the football teams in the world. In Brazil, the flamingo was the “champion”.
In the music world, after not appearing on the 2020 list, the band One Direction was the most popular band in 2021.
In animals, surprisingly, the most commonly used species for passwords was the dolphin.
Ferrari and Porsche lead the “ranking” in car brands.
– “Gabriel” was the most common name in Brazil, being the 15th most used password in the entire country.
An alarmingly large number use profanity as a password.