February
2
2021

It’s A Doozie!: ID Agent Celebrates Groundhog Day with List of 20 Most Common Passwords of 2020

Analysis of 2020 Dark Web data reveals the same weak passwords keep being used again and again.

Feb. 2, 2021 — Bowie, MD — Just like Phil Connors, Bill Murray’s character in the 1993 film Groundhog Day, is doomed to keep repeating the same things over and over, the same weak passwords keep repeating year over year. That’s the finding of the “Groundhog Day List of the 20 Most Common Passwords of 2020” released today by ID Agent, a Kaseya company and leading provider of Dark Web monitoring and security awareness training solutions. The list was compiled from a scan of nearly 3 million passwords found on the Dark Web in 2020 and includes a breakdown of the most commonly utilized types of passwords such as first names, sports references and famous people or characters which should be avoided to ensure the highest level of password security in 2021 and beyond.

“It’s fitting that our list of the most commonly found passwords on the Dark Web come out on Groundhog Day. Time and time again we see the same weak passwords and password types continue to be the most frequently used – and easily compromised – every year,” said Mike Puglia, chief strategy officer at Kaseya. “The drastic rise in cybersecurity threats in 2020 means that it’s more important than ever for those who still rely on too-easy-to-guess passwords to update them with stronger, more secure versions to ensure sensitive data is safe from bad actors.”

Top 20 Most Common Passwords Found on the Dark Web in 2020:

  1. 123456
  2. password
  3. 12345678
  4. 12341234
  5. 1asdasdasdasd
  6. Qwerty123
  7. Password1
  8. 123456789
  9. Qwerty1
  10. :12345678secret
  11. Abc123
  12. 111111
  13. stratfor
  14. lemonfish
  15. sunshine
  16. 123123123
  17. 1234567890
  18. Password123
  19. 123123
  20. 1234567

Based on analysis of the top 250 passwords found on the Dark Web, the most common types of password choices were: Names, Sports, Food, Places, Animals, and Famous People/Characters. The most common passwords for each type include:

  • Names: maggie
  • Sports: baseball
  • Food: cookie
  • Places: Newyork
  • Animals: lemonfish
  • Famous People/Characters: Tigger

A complete list of the top passwords for each type can be found here.

When Phil Connors lists some of the constants in life such as, “Be nice to your sister,” or, “Don’t drive on the railway tracks,” (while he is driving on the railway tracks), he could have added, “Don’t use weak passwords.” When creating or updating your passwords in 2021, ID Agent offers some tips based on analysis of the data provided by the 2020 report. These include:

  • “Phil? Phil Connors?” – Don’t use your name – At least 92 of the top 250 most common passwords found on the Dark Web in 2020 were first names or variations of first names. For a stronger password, ID Agent suggests using a nonsense phrase that only you will know. (Something like Punxsutawney perhaps?)
  • “That about sums it up for me.” – Don’t be as easy as 1,2,3 – 35 of the top 250 most common passwords found on the Dark Web in 2020 included some variation of the sequential “123” – including 12 of the top 20 most common passwords. For a stronger password, ID Agent suggests using a combination of numbers, symbols, and uppercase and lowercase letters.
  • “There is something so familiar about this…” – Don’t recycle when it comes to passwords – 39% of people say most of their passwords across both their work and home applications are identical. For stronger password protection, use a different password for your various log-ins and consider a password manager or two-factor authentication.

In 2020 alone, hackers dropped more than 22 million records on the Dark Web and more than 81% of data breaches during the year were due to poor password security. To help companies combat the financial, reputational and productivity damage caused by breaches, ID Agent’s award-winning Dark Web ID monitoring platform uses human and machine intelligence to scan the Dark Web for passwords, data and other sensitive materials that can put businesses at risk for a cyberattack or data breach.

For more information on the “Groundhog Day List of 20 Most Common Passwords of 2020”, visit: https://www.idagent.com/these-bad-passwords-make-every-day-groundhog-day-for-it-teams. For more information on ID Agent and its products, visit https://www.idagent.com/.

Kaseya Logo
About Kaseya

Kaseya® is the leading provider of IT and security management solutions for managed service providers (MSPs) and small to medium sized businesses (SMBs). Through its open platform and customer-centric approach, Kaseya delivers best in breed technologies that allow organizations to efficiently manage, secure, and backup IT. Kaseya IT Complete is the most comprehensive, integrated IT management platform comprised of industry leading solutions from Kaseya, Unitrends, RapidFire Tools, Spanning Cloud Apps, IT Glue, ID Agent and Graphus. The platform empowers businesses to: command all of IT centrally; easily manage remote and distributed environments; simplify backup and disaster recovery; safeguard against cybersecurity attacks; effectively manage compliance and network assets; streamline IT documentation, and automate across IT management functions. Headquartered in Dublin Ireland, Kaseya is privately held with a presence in over 20 countries. To learn more, visit www.kaseya.com.

ID Agent - A Kaseya Company
About ID Agent

ID Agent, a Kaseya company, provides Dark Web monitoring and identity theft protection solutions, available exclusively through the reseller channel, to private and public organizations and millions of individuals at risk of cyber incidents. Its flagship product, Dark Web ID, delivers Dark Web intelligence to identify, analyze and monitor for compromised or stolen employee and customer data, mitigating exposure to enterprise clients’ most valuable asset – their digital identity. The company’s BullPhish ID provides anti-phishing and security awareness training programs to help make a company’s employees its front line of defense against cyber attack. For more information, visit www.idagent.com.