While banks, retailers and others experiment with alternative security methods such as fingerprints and behavioural biometrics, passwords still dominate the online world.
And, despite more than a decade of efforts to encourage people to use strong passwords, the message still appears to have passed many by.
Ata Hakçıl, a Turkish computer engineering student has analysedmore than a billion leaked credentials pulled from various data dumps.
The results show just under 169 million unique passwords, with the top 100 accounting for 6.6% of all billion-plus. The string ‘123456’ accounts for more than seven million passwords, or 0.72% of all billion-plus.
Meanwhile, only 12% of the passwords contain special characters, while 29% only have letters, 26% are lowercase only, and 13% are numbers only. The average length of a password is 9.48 characters.