CyberUK 2019: Millions Are Using 123456 as Password For Online Accounts

UK's National Cyber Security Centre has also published a list of 1000000 passwords that have been accessed in cyber breaches globally.


March 22, 2019 – The United Kingdom’s National Cyber Security Centre (NSC) has published its first ‘UK cyber survey’, and suggests that millions are using the combination 123456 as a password for their online accounts. The findings have been revealed in a report released ahead of this week’s CyberUK 2019 conference in Glasgow, Scotland. Along with the report, the agency also partnered with security expert Troy Hunt and released the list of 100000 most common passwords that have been breached in various cyber-attacks.

This survey was commissioned by the National Cyber Security Centre and Department for Digital, Culture, Media and Sport as part of the UK Government’s National Cyber Security Programme.

The study finds that the password combination 123456 has been breached for as many as 23.2 million online accounts globally, while the combination 123456789 has been breached 7.7 million times. As it turns out, the word password is also a password for 3.6 million breached accounts online. As many as 3.1 million user accounts also kept 1111111 as a password.

“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password,” says Dr Ian Levy, NCSC Technical Director.

The most common names used as passwords are Ashley, followed by Michael, Daniel, Jessica and Charlie.

Liverpool is the most popular Premier League football team, followed by Chelsea, Arsenal, Manchester United and Everton, to figure in online passwords.

Blink182, 50cent, Eminem, Metallica and Slipknot are the most commonly used musicians in password combinations.

“Cyber security is a serious issue, but there are some simple actions everyone can take to better protect against hackers. We shouldn’t make their lives easy so choosing a strong and separate password for your email account is a great practical step,” says Margot James, DMCS’ Digital and Creative Industries Minister.

The report also indicates that young people are more careful about the information that they share online and are more privacy conscious when it comes to online accounts. As many as 21 percent of the respondents say they do not look at social media when they are online. As many as 70 percent of users have a PIN or password protection on their smartphones.

The survey and its findings have been published ahead of the NCSC‘s two-day CYBERUK 2019 conference will be organized in Glasgow on the 24th and 25th of April. “This is a message we look forward to building on at CYBERUK 2019, an event that reaffirms our commitment to make Britain both the safest place in the world to be online and the best place to run a digital business,” says David Lidington, Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office.