April 23, 2019 12:17 PM
Updated on April 23, 2019 12:38 PM
Do you know what is the most insecure password in the world? Easy: "123456".
Some, very clever, make it harder for hackers and use the key "123456789". With this, the only thing they achieve is to have the second most insecure password in the world.
These two passwords are part of the blacklist published on Tuesday by the National Cybersecurity Center (NCSC), a government agency in the United Kingdom responsible for preventing and combating cybercrime.
The list published by the NCSC includes 100,000 of the most commonly used passwords that have been violated by third parties in global cyber attacks.
The NCSC warns that the publication of these passwords does not pose a risk, since they are already in the public domain.
On the contrary, they say that this listing is a way of raising awareness about the way in which attackers use the passwords they obtain illegally.
In addition, it can be a way to make work more difficult for cybercriminals and to reduce the risk of users of networks and digital platforms.
This is the list of the most insecure passwords in the world, according to NCSC:
If you wonder what "qwerty" means, which appears in third place, the answer is that it does not mean anything. It's just the order in which those letters appear from left to right on the computer keyboard.
There are tools that help you manage your passwords, so you do not have to remember them all
Password, in position 4, means "password" in English.
Then there are others that, although they did not manage to enter the top 10, are just as "creative": "1234567890", "123123", "000000", "iloveyou", "1234".
And they could not miss the classic "qqqqqq", "xxxxxx" or "aaaaa".
In the list of the worst passwords there are also very common terms like "superman" or "pokemon", or names like "carlos", "angela", "maria" or "gabriel", written like this, without capitals or accents.
There are other passwords that are also very insecure, but they do not appear in the list, for example when employees of the same company use the company's name to access personal or corporate platforms.
Here you can see the full list of 100,000 passwords.
Do not make it easy for computer criminals
The NCSC warning is clear and simple: "If you see a password on this list you use, you should change it immediately."
The problem of recycling passwords
For NCSC, one of the biggest risks for people and companies is to use the same password for various platforms.
The password "123456", for example, has appeared 23 million times in the leaks from which the listing was made.
Here are some recommendations from the NCSC to have more secure passwords:
Use three random words, which you can easily remember but which are not related to each other, for example something like "cafetrenpescado" or "murocamisanube".
The fewer keys you reuse, the better
- It is almost impossible not to use the same password in several accounts, but in some cases it is highly recommended that you do not use a password that you have already used. In cases such as bank accounts, storage systems, email or social networks, it is better not to repeat passwords.
- To increase security, the NCSC recommends implementing two-step authentication systems, that is, in addition to the password, the account asks for a second access code, such as a temporary code or a security question.
- It is also advisable to use a password manager, in which you can store several of them safely.
- The experts in cybersecurity suggest not using personal data or repeating the username in the password. It is also advisable to combine letters, symbols, capital letters and numbers.