Don’t get too excited. What we are talking about is that “I love you” is one of the top 20 passwords on the Dark Web. These are the passwords that have been found most often in data breaches that are for sale on the Dark Web. Clearly, we have work to do in our security training when we tell our users to change their passwords to something difficult to guess and they make it one of there. (It can be frustrating to be a cyber security-vangelist.)
In addition to “ILoveYou”, there are such doozies as “12345”, “123456”, “1234567”, “12345678”, “123456789”, and “1234567890”.
Or the more difficult “654321”. Then there’s “123123” or its slightly more difficult variation “123321”.
Then there’s my favorite password which is, well, “Password”.
Of course, we all know that strings of characters that are non-dictionary words can be more difficult to crack. But not when it’s “Qwerty” or its slightly tougher cousin “Qwerty123”. And no, “Qwertyuiop” isn’t any better! (I see what you did there.) Neither is “Abc123”.
Along the lines of Qwerty is “1q2w3e” (nice try).
We also have the lazy “111111” and “666666”.
And when you are given a new account and told to change the default password, “DEFAULT” is funny but not a good idea since it’s one of the top 20.
I know you’ve been counting and realize that we have discussed 19 of the 20 top passwords on the Dark Web. I know you’re on the edge of your seat wondering what the last one of the top 20 might be. Any guesses? It’s “0”. Yep. Just one character, zero! Obviously, that is from an account that doesn’t require a minimum number of characters.
So please do me, your cyber security team, your CISO, and your future self a favor. CHANGE YOUR PASSWORD TODAY! (And it had better not be “Pass1234”!)