You May Need a Better Password

ID Agent, a dark web monitoring company owned by IT software company Kaseya, says it identified the most common stolen passwords found on the dark web in 2020 based on a scan of nearly 3 million passwords.

If you don’t know what the dark web is, then you’re better off staying in the dark, and away from the dark web.

The analysis found that fifty-nine percent of Americans use a person’s name or birthday in their passwords, while 33% include a pet’s name, and 22% use their own name. The average user also reused their bad password 14 times.

I’ll admit that I have used one of our dog’s name in a password once or twice. For whatever reason, I stopped doing so years ago.

When looking at the top 20 passwords found on the dark web in 2020, I find it shocking, despite years of begging people not to use many of these passwords, that they are still so being used. I’m also surprised that such simple passwords are so popular on the dark web; I would have thought people using such a site would have been relatively sophisticated tech people who knew the importance of having a good password. I’m also surprised that sites would allow such passwords, since it seems to me that most of the web sites I visit require a combination of lowercase, uppercase, numbers, and special characters when creating a password.

Here’s the list:

  1. 123456
  2. password
  3. 12345678
  4. 12341234
  5. 1asdasdasdasd
  6. Qwerty123
  7. Password1
  8. 123456789
  9. Qwerty1
  10. :12345678secret
  11. Abc123
  12. 111111
  13. stratfor
  14. lemonfish
  15. sunshine
  16. 123123123
  17. 1234567890
  18. Password123
  19. 123123
  20. 1234567

As you can see, only one of them has a special character, and only five of them have an uppercase letter.

I’m also surprised that there are no variations on some of these popular choices, such as wordpass or 87654321 or p1a2s3s4.

I’m also not sure why stratfor, lemonfish, and sunshine are so popular. Maybe it’s a dark web thing.

Hopefully, no one reading this post is currently using any of these passwords. If you are, feel free to use one of my variations. That should be enough to keep the hackers away.

And I just thought of one I might use some day: JimmyLikesStats!

Wait, did I just ruin that password for myself?

47 thoughts on “You May Need a Better Password

  1. Like everything else in my life, Jim, my passwords have become more and more complex and difficult to remember over time. I have so many and they are so intricate that I have to write them down now which isn’t the best solution but it is the only one I have. The cleverer we get, the cleverer the criminals and people of bad intentions get so it is a vicious circle. Thanks for the post, those passwords interested me. I’ve never used one of them so there is that at least.

    Liked by 2 people

  2. The neverending battle of trying to stay one step ahead of the guys who are much more sophisticated than I am about stuff like this.

    Liked by 2 people

  3. As you say, I am somewhat surprised that these would be used on the dark web, a place you think of as being inherently nefarious. But I also know the bane of trying to remember an intricate password, or worse yet, more than one. I am also confused about the prominence of stratfor, lemonfish, and sunshine. I do the best I can with passwords, but if someone wants to hack my computer and steal the recipes from my sister, laugh at my poetry, or abscond with the email reminder of my electric bill, than so be it. I have often said that if someone hacked my bank account to rob me, when they got there they would feel so bad for me that they would actually deposit some of their ill-gotten gains out of pity. Informative and entertaining, as always Jim!

    Liked by 2 people

    1. I think my computer would be a major disappointment to hackers as well. But I often wonder what motivates people to want to be a hacker; it seems like with their skill set they could find a good job in tech…

      Liked by 1 person

  4. you did just out yourself, but no worries, i’ll never remember. i think the reason people create such simple passwords has a lot to do with not forgetting them, (myself included). like you, i am very taken by the ‘lemonfish’ popularity level.

    Liked by 1 person

  5. I definitely need more secure passwords. But companies also need to spend the resources to protect our information. Given all of the data breaches that expose passwords and other personal information, it seems that they do not. Kind of like putting money in a bank that keeps getting robbed. End rant.

    Liked by 1 person

    1. I’m just glad I don’t work in computer security; it must be tough having to constantly try and stay one step ahead of hackers. And I agree, most of us could probably do a better job with our passwords…

      Liked by 1 person

  6. I’m not sure how this works. Do hackers “guess” individual passwords and put that info on the dark web or do hackers hack companies and get our passwords no matter how secure they are and put them on the dark web, or probably both in some ratio?

    Liked by 1 person

  7. Phew…I have never used any of those but have so many now like Robbie I write them down as if anything happened to me I don’t want to think about that but I’m sure they would just give up…

    Liked by 1 person

  8. People don’t take cyber security seriously until something bad happens. I use passwords that are 25 characters or more long. I know friends who use their date of birth, 4 digit numbers or even their own name. Makes no sense. My site recently conducted a two part investigation on how hackers obtain your passwords and the security breaches with different companies like Yahoo.

    Part 2 is more in depth showing the websites hackers use to post the stolen personal info and how their website members get to it for their own uses and pleasure.

    Liked by 1 person

Comments are closed.