Queen Elizabeth and Taylor Swift among most used passwords in 2022

Edward G. | March 20, 2023

The most frequently reused credentials eventually end up on breached lists accessible to purchase on the dark web, thus becoming a weak point in personal and company security when subject to brute force and password-spraying attacks.

Examining the most often reused passwords allows individuals to gain insights into what type of passwords to avoid when safeguarding their online journeys.

Some passwords, like password, 123456, qwerty, and other similar basic choices, have always been and will remain some of the most insecure picks to protect one's account.

However, the recently released 2023 Annual Identity Exposure Report by SpyCloud reveals that the most commonly used credentials also change year-by-year and reflect the hottest topics.

It is no surprise that music, streaming, and celebrity culture are among the most prevalent themes in passwords in 2022.

Celebrity names as most common passwords

Last year, hundreds of thousands of credentials included keywords connected to celebrities Taylor Swift, Bad Bunny, Jennifer Lopez, Ben Affleck, and Elon Musk.

Swift's 10th album, "Midnights," which reportedly generated $230 million in sales, resulted in passwords such as taylor, taylor swift, swiftie, and midnights being used 186,000 times.

Similarly, Bad Bunny's status as the most-streamed artist on Spotify in 2022 inspired the use of bad bunny, titi, and verano as passwords, with the latter two being among his popular songs, appearing 141,000 times.

The acquisition of Twitter by Elon Musk inspired the use of twitter and elon musk as passwords, which were used 74,000 times.

Additionally, Jennifer Lopez and Ben Affleck's reunion and marriage, known as Bennifer, was reflected in passwords such as jennifer lopez, jlo, ben affleck, and bennifer, appearing 46,000 times.

Avoid streaming and family-related passwords

Other pop culture events that captured the public's attention were also reflected in the list of frequently reused passwords.

The growing popularity of streaming TV services was reflected in passwords such as youtube, netflix, and hulu, which were chosen 261,000 times.

The death of Britain's Queen Elizabeth and other news about the royal family ignited the use of queen, queen elizabeth, and royal family as passwords. In total, credentials with the aforementioned keywords were used 167,000 times in 2022, according to various databases on the dark web.

As expected, other frequently reused passwords included russia, russian war, ukraine, ukraine war, and trump.

In addition, passwords related to love, family, kids, wife, husband, and boyfriend collectively appeared more than 7 million times. Although these types of passwords are heartwarming, they are dangerous to use nonetheless.

Effective strong passwords

While complex passwords are harder to crack, they are not necessarily the best choice for most people. Users might need to write down or electronically store passwords using an insecure method.

Moreover, they are more likely to re-use the same credentials on multiple accounts. And, of course, they are simply easier to forget.

Luckily, there are ways to create a strong password that users can remember effortlessly.

In "The Memorability and Security of Passwords" Jeff Yan et al. examine ways to help people create passwords that are as secure as randomly generated ones but as easy to remember as their usual choices.

They discovered that passwords created by coming up with a phrase and using the initial letter of each word are just as memorable and secure as randomly generated passwords.

People can experiment with creating their own “algorithm” for a password from a phrase, like using the first two letters or only the last one, etc.

In addition, the empirical study found that using two unrelated words in combination is another successful tactic.

Edward G.

Edward G.

Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.



© 2024 Atlas VPN. All rights reserved.