These Are The Top 5 Passwords Most Of the Hackers Try First

The most common passwords that hackers use to gain access to your account is revealed. A new study from F-Secure highlights that the use of such common passwords one of the prime reasons people lose their vital information. IoT devices are found to be the gateway as users don't bother to change the factory-set password it comes with.

Must Read

Elon Musk Added Over $100 Billion To His Net Worth In Just 1 Year, Leaves Jeff Bezos Behind

Jeff Bezos may the world's richest person in the world but it's Elon Musk who has been...

iPhone 12 Plagued With Serious Problems: Should You Buy It, Still?

A serious problem with Apple iPhone 12, identified recently, is good enough to give a second thought...

Elon Musk Overtakes Bill Gates And Becomes the 2nd Richest Person in the World

It's been a good week for Elon Musk and his electrical vehicle business Tesla. Earlier this week,...

Weak Passwords have long been one of the main targets of hackers and the prime reasons behind data security breaches. In fact, the list of top passwords is sold as commodities on the dark web and millions of people buy them on a regular basis.

As a reaction to this, many cybersecurity firms have undertaken research over the years to identify general patterns in people’s password habits and how they cause vulnerability.


One such study was recently conducted by the cybersecurity company F-Secure. The company set up a number of ‘honeypot’ servers all around the world. Before we dig deep into it, let’s understand the interesting concept of Honeypot.

Honeypot servers are decoy servers that are installed into networks along with the main production system. These servers detect any possible attacks on the network, and alert the main system. Thus, the name honeypot comes from its ability to attract/detect attacks.

The study revealed that the number of attacks on the Internet of Things devices, aka IoT devices, that are connected to the internet across the world, are on the rise. The study was also able to identify the usual method used to hack into devices, as well. SMB ports and Telnet were found to be the most vulnerable ports.

Once a hacker has successfully breached into a device, all they need to do is to figure out passwords.

Most commonly used passwords

The same study also analyzed the common passwords hackers try when hacking into a device.


According to the study, the first most common password that most of the hackers try is ‘admin’. A lot of users either don’t bother to change the predefined password of the application or platform or set it for the ease of remembering. And, that’s how they make a mistake.

The other top most commonly used ones are ‘12345’, ‘default’, ‘password’, and ‘root’.

According to F-Secure, the passwords reflect the kinds of devices hackers try to access, which are mainly routers and other devices with factory-default passwords. This makes factory default passwords another common choice for hackers.

Through other studies, a number of other patterns have been discovered in people’s passwords. One of these is ‘123456’. Passwords like ‘iloveyou’, names of animals, first names of people, names of family members are also very common. The names of football teams are also recurring themes with ‘liverpool’ being the most common.

Password Hygiene

It’s a generally acknowledged fact that hackers are becoming smarter by the day and finding newer ways to attack potential targets. As passwords are one of the most fundamental access keys to any device or account, when strong, they can protect your privacy against prying eyes.

A good practice when creating passwords is to make them complex and unique. This isn’t as hard as it sounds. The general guidelines that flash to users creating new accounts suffice in coming up with a strong password. Using a mix of special characters, capital letters, numbers, and lowercase letters make a password strong.

Many people use the same password across platforms, which should be voided at all costs. This might be hard to keep track of, but will ensure greater safety in the long run.

Many browsers like Google Chrome now auto-generate strong passwords. These passwords are encrypted and saved in a secure database, are auto-filled whenever the user accesses the account and can be changed/removed easily.

For those unwilling to put the effort into creating a complex and unique password, this can be a good alternative.

However, saving passwords should always be a last resort. Password databases are the most sought after in present times. Thus, saved passwords are not entirely secure and can fall prey to breaches at any time. For Instance, many companies suffered from massive breaches due to the Heartbleed Bug in 2014, and Google was among the worst affected. Additionally, an infographic by DigitalGuardian illustrated how sharing too much information on the internet, especially social media makes users vulnerable to hackers.


Please enter your comment!
Please enter your name here

Latest News

Backed By First-Time Shoppers, Flipkart And Amazon Dominated Festive Online Sales in India

It seems like Flipkart and Amazon squeezed the most out of the month-long festive season in India...

Amazon Gets Slapped With Penalty As GOI Prepares To Tighten The Noose On Ecommerce Players!

In a recent move, the Indian Government slapped Amazon on its wrist for not mentioning the country of origin detail for products...

Facebook’s Past Comes Back To Bite As South Korea Fines Them For 2018 Scandal

The social media behemoth Facebook Inc. (NASDAQ:FB) has once against proved they are the true arch-nemesis of modern-day user-privacy!

Amazon Future Group Dispute Deepens As Singapore Court Turns Down Future Group Plea

The dispute between Amazon and Future Retail is, apparently, far from over anything soon as the Singapore International Arbitration Centre (SIAC) has...

Google Pay Fee On Instant Transfer: An Indication Of Google’s Aggressive Monetisation Strategy?

Google has decided to levy fee on instant payment, starting from the US market. A few days back, Google...

Twitter Account Verification Is Back, But Has it Lost Its Mojo?

Twitterati queue up! As the Twitter account verification process which is responsible for awarding blue badges prepares to...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This