Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Passwords are outdated, and it’s time for both technological companies and users move on. I said that there. You like it or not, the weakest relationship in cyber security is all that relies on human intake. While the organizations continue to invest in the firewall and endpoint safety, the most persistent vulnerability remains a human password.
The Internet has long struggled with poor password practices, but recently discovery points out how serious the problem is.
Safety researchers They discovered more than 19 billion newly missed passwords, collected from hundreds of violations between April 2024 and April 2025. The stunning 94% of these passwords were re -used, predictable or both.
Illustration of hackers at work. (Kurt “Cyberguy” Knutsson)
What you need to know
Between April 2024 and April 2025, data from nearly 200 separate cyber -safety incidents became publicly available, which was discovered Cybernews. These were not insulated events. They included massive leak repositors, including compromised and compromised databases. A total of more than 3 terabytes of raw missed data were analyzed, containing more than 19 billion passwords. Only 6 percent of them, just over 1.1 billion, was unique.
Among the most commonly used passwords, “123456” appeared in over 338 million instances. Words such as “password” and “administrator” followed near, despite the years of public warnings. Such default values often come from a device such as a router or tool for entrepreneurs, where they rarely change and are often used elsewhere.
1.7 billion passwords leaked to a dark web and why your risky
Personal names remain a normal pattern. The name “Ana” appeared in almost 179 million passwords, followed by countless other names and combinations based on the name. Pop culture, food, cities, and even sworn words were frequent topics. Words like “Mario”, “Love”, “Pizza”, “Rome” and various lights were not just a creative choice. Now there are security obligations.
Worse, the attackers no longer need to hit. Have automation. Committee filling tools are now going through billions of well -known passwords on hundreds of platforms, breaking the accounts at the rate of success as much as two percent. This amounts to thousands of compromised profiles, bank accounts, E -Stable and cloud tools each day.
Illustration of hackers at work. (Kurt “Cyberguy” Knutsson)
200 million records on social media leaked in a great breach of data x
Bigger problem
According to Cybernews researcher Neringa Maccasuskite, the fundamental problem is not only weak passwords, but also how often they are used again. Only six percent of passwords are unique. For most users, security depends entirely authentication with a two -factorIf this is enabled at all.
Most passwords fall between eight and 10 characters and eight are most common. About 27 percent of them contain only lowercase letters and digits, making them very vulnerable to coarse force attacks. Less than 20 percent use a mixture of cases and numbers, and only a small part includes symbols.
How safe is my password? Use this test to find out
Despite their wide educational efforts, user habits remain standing, but one positive trend has emerged. In 2022. Only one percent of passwords used a mixture of lowercase letters, uppercase letters, numbers and symbols. Now that figure has grown to 19 percent, probably guided by stricter password requirements on platforms.
Get a Free scan To find out if your personal information is already on the web.
Illustration of hackers at work. (Kurt “Cyberguy” Knutsson)
Hr company confirms 4m records exposed in the main hak
Password Manager is a solution
Re -used or poor passwords represent a huge threat, not only individuals, but also organizations. One compromised password can start a domino effect, exposing more accounts in all services. Consider using a password manager To generate and store complex passwords. Get more details about my Best reviewed password managers from 2025. Here.
Four ways to stay safe from a password stealing fraud
The protection of your data requires a combination of smart security habits and reliable tools. Here are four effective ways to store your information.
1. Enable a dual -factor authentication (2FA): Even if your password is stolen, 2fa Adds an additional layer of security, demanding another form of check, such as code from the authentication application or biometric certificate. Cyber -Criminals rely on stolen user names and passwords to interrupt the account, but with the 2FA enabled I cannot get access without an additional safety step. Be sure to enable 1 in important accounts such as email, banking and work login.
2. Use strong antiviral software and be careful with downloads and relationships: Malware Infostealler is the basic cause of why your password is out there. It is often spread through malicious downloads, Phishing E -Mail and False Website. Avoid downloading software or files from unreliable sources and always double check the links before clicking them. The attackers disguise the malicious software as legitimate software, cheating on games or cracked apps, so it is best to adhere to official websites and the retailer stores to download.
The best way to protect yourself from malicious connections installed by malicious software, potentially access to your private data, is to install a strong antivirus software on all your devices. This protection can also alert you of phishing e -Mail and fraud from Ransomware, keeping your personal information and digital assets. Get my elections for the best winners to protect against antivirus 2025 for your Windows, Mac, Android and iOS devices.
3. Maintain the software: Cyber -Criminals exploit the outdated software to deliver malicious software. Maintaining your operating system, browser and security software updated It ensures that the known vulnerability is patched. Enable automatic updates whenever possible and install reputable anti -anti -anti -anti -protection software or endpoints that can detect and block the threats of Infostelers before threatening your system.
4. Consider the personal data removal service: These services can help remove your personal data from the web site of the Broker’s data, reducing the risk of identity theft, unwanted mail and target fraud. Although no service can guarantee the complete removal of your information from the Internet, the data removal service is a really smart choice. They are not cheap and neither Your privacy. These services do all the jobs for you active supervision and systematic deletion of your personal information from hundreds of websites. This is what we give peace and proved to be the most effective way to delete our personal information from the Internet. By limiting the available data, you reduce the risk of fraud with cross -references from info with information that they can find on the dark web, which is harder for them to target. See my best selection here for data removal services.
Subscribe to Kurt’s YouTube channel for fast video tips on how to do all your technological devices
Kurts key endeavor
When it all comes down to it, passwords just don’t cut them anymore. The whole number of missed passwords and the fact that they are so little unique show how vulnerable we are. Cyber-Christimal people get smarter and faster, but we don’t have to make it easier for them. Using a password manager, allowing authentication with a two -factor, updating our software and taking into account additional privacy tools, we can restore some control over this situation. It may take a little effort to change old habits, but the peace you have received is worth it.
Click here to get the Fox News app
How many of your accounts does the same password or its variation use? Let us know by writing us on Cyberguy.com/contact
For more of my technological tips and security warnings, subscribe to my free newsletter about Cyberguy Report, moving toward Cyberguy.com/newslettter
Ask the Kurt question or let us know what stories you would like to cover.
Follow Kurt on his social channels:
Answer to the most demanding questions about Cyberguy:
New from Kurt:
Copyright 2025 Cyberguy.com. All rights reserved.
