Audio By Carbonatix
Millions of people are using easy-to-guess passwords on sensitive accounts, suggests a study.
The analysis by the UK's National Cyber Security Centre (NCSC) found 123456 was the most widely-used password on breached accounts.
The study helped to uncover the gaps in cyber-knowledge that could leave people in danger of being exploited.
The NCSC said people should string three random but memorable words together to use as a strong password.
Sensitive data
For its first cyber-survey, the NCSC analysed public databases of breached accounts to see which words, phrases and strings people used.
Top of the list was 123456, appearing in more than 23 million passwords. The second-most popular string, 123456789, was not much harder to crack, while others in the top five included "qwerty", "password" and 1111111.
The most common name to be used in passwords was Ashley, followed by Michael, Daniel, Jessica and Charlie.
When it comes to Premier League football teams in guessable passwords, Liverpool are champions and Chelsea are second. Blink-182 topped the charts of music acts.
People who use well-known words or names for a password put themselves people at risk of being hacked, said Dr Ian Levy, technical director of the NCSC.
"Nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band," he said.
Hard to guess
The NCSC study also quizzed people about their security habits and fears.
It found that 42% expected to lose money to online fraud and only 15% said they felt confident that they knew enough to protect themselves online.
It found that fewer than half of those questioned used a separate, hard-to-guess password for their main email account.
Security expert Troy Hunt, who maintains a database of hacked account data, said picking a good password was the "single biggest control" people had over their online security.
"We typically haven't done a very good job of that either as individuals or as the organisations asking us to register with them," he said.
Letting people know which passwords were widely used should drive users to make better choices, he said.
The survey was published ahead of the NCSC's Cyber UK conference that will be held in Glasgow from 24-25 April.
Latest Stories
-
Challenging Heights partners Ghana police to rescues 42 girls from human trafficking
3 minutes -
Supreme Court OSP ruling could reshape Ghana’s prosecution system – Atuguba
14 minutes -
AG holds prosecutorial power, but OSP case not straightforward – Justice Atuguba
23 minutes -
Eno’s Organics showcases Ghanaian agribusiness at Macfrut 2026 in Italy
30 minutes -
Escapees from Adabakra station not linked to Sammy Gyamfi’s in-law’s murder case – Police
41 minutes -
Akosombo fire: Partial restoration achieved as engineers work to stabilise power supply – Jinapor
45 minutes -
Akosombo substation fire has disrupted national power supply – Energy Minister confirms
46 minutes -
Civil Society frustration over OSP ruling “understandable but misplaced” – Justice Atuguba
48 minutes -
OSP’s powers face fresh scrutiny as Atuguba raises constitutional questions
50 minutes -
Minority demands ‘dumsor timetable’, insists crisis goes beyond Akosombo fire incident
55 minutes -
Bank of Africa to scale up SME support to drive job creation
55 minutes -
Wait for Supreme Court before commenting on OSP case — Justice Atuguba urges public
56 minutes -
Hindsight: Of hostile takeovers; the AshGold and 04 case
1 hour -
Sabalenka fights back to beat Osaka at Madrid Open
1 hour -
Maternal, mental health challenges persist in Jamestown as Australia pledges support
1 hour