123456, qwerty123 still holds the top spot in the list of accounts with stolen information

Data from 2.5 terabytes of leaked information

The report is built on a massive data source from 2.5 terabytes of leaked information in data breaches that NordPass has compiled and analyzed.

The results showed that the password "123456" was used more than 3 million times, an alarming number given how common and easy it is to guess.

Statistics show that six of the top 10 passwords are numeric only, reflecting the trend of users still choosing simple and memorable strings. However, this also makes them easy targets for hackers using brute-force attacks - a technique that can crack a password in seconds.

In addition to consecutive numbers, many users also tend to choose passwords from familiar keyboards such as "qwerty" or common words such as "password" or "secret".

Using these common passwords puts personal accounts at risk, leading to serious consequences such as data loss, compromised bank accounts, or stolen personal information.

To enhance personal information security, NordPass recommends that users create passwords that are at least 20 characters long, including a full range of elements: uppercase letters, lowercase letters, numbers, and special symbols. This diverse combination will create a strong password that is difficult to crack using common attack methods.

Warning about password reuse

NordPass specifically warns against reusing passwords across multiple accounts. This is a dangerous practice because if one account is compromised, all other accounts using the same password are at risk.

This phenomenon is called "credential stuffing" - a common form of cyberattack where hackers use leaked login information from one website to test on other websites. Diversifying passwords for each account is the most effective prevention.

According to research, the damage caused by cyber attacks each year amounts to billions of dollars, most of which comes from the use of unsafe passwords.

Businesses also incur significant costs to upgrade security systems, train employees on information security, and deal with the consequences of data breaches. This increases operating costs and can impact a business’s competitiveness.

Building a secure cyber environment requires collaboration from many sides. Organizations need to invest heavily in educating users about information security, while technology developers need to integrate stronger security features into their products.

Implementing two-factor authentication (2FA) is also recommended as an additional layer of protection, which enhances security even if the password is compromised. Biometric technologies such as fingerprint or facial recognition are also becoming a new trend in information security.