EXPERTS have worked out that more than 24billion usernames and password are exposed on the internet – the equivalent of nearly four for every person on the planet.

A shocking number of them use extremely easy to guess passwords, despite repeated warnings.

Change your password if it's too easy to guess

2

Change your password if it’s too easy to guessCredit: PA

The sensitive details are a collection relating to various breaches that have happened over the years.

Many are in circulation on the dark web where cyber criminals lurk.

The word ‘password’ itself ranks in the top 50 passwords dumped on the web, alongside the classic ‘qwerty’.

Nearly one in every 200 were found to be ‘123456’.

Experts from security firm Digital Shadows say 49 of the 50 most commonly used passwords can be ‘cracked’ in under one second via easy-to-use tools commonly available on criminal forums.

Android warning for BILLIONS as malware that STEALS your passwords is 'dangerous'
Inside Apple plot to KILL the password forever – and it's happening this year

Simply adding a special character like # or * adds about 90 minutes onto the the time it takes for a crook to solve the password.

The worrying 24billion figure is a massive 65 percent increase on 2020.

Once a hacker breaches a password database and takes the data, they can go onto doing something called credential stuffing, where they try the same usernames and passwords on loads of other sites, to see if you’re using the same login details.

“We will move to a ‘passwordless’ future, but for now the issue of breached credentials is out of control,” said Chris Morgan, Senior Cyber Threat Intelligence Analyst at Digital Shadows.

Most read in Tech

“Criminals have an endless list of breached credentials they can try but adding to this problem is weak passwords which means many accounts can be guessed using automated tools in just seconds.

“In just the last 18 months, we at Digital Shadows have alerted our clients to 6.7million exposed credentials.

“This includes the username and passwords of their staff, customers, servers and IoT devices.

“Many of these instances could have been mitigated through using stronger passwords and not sharing credentials across different accounts.”

Love Island fans beg producers to step in after spotting ‘red flags’
I have 6 children but 4 aren't real - many don't understand the joy it brings

Users are urged to consider using a password manager and multi-factor authentication if available, which allows people to confirm their identity using PINs, facial recognition or fingerprints instead of a password.

It’s also best to use unique passwords for every site you use, not the same one for all.

Hackers have long shared passwords on the dark web

2

Hackers have long shared passwords on the dark webCredit: Getty

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…


We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]


This post first appeared on Thesun.co.uk

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Daily Mail Owner Files Antitrust Suit Against Google, Citing Royals Coverage

The Daily Mail’s owner filed an antitrust suit against Alphabet Inc.’s GOOG…

Now’s the Time to Snag L.L. Bean’s Classic Duck Boots

Having been born in New York and raised in the South, I…

Amazon is selling an amazing iPhone for just £239 – and it can get the iOS 16 update

AMAZON is flogging an impressive Apple smartphone for just under £240. The…

Washington, D.C., Has More Tech Job Openings Than Silicon Valley

This copy is for your personal, non-commercial use only. Distribution and use…