Definitely Don’t Use These Passwords

We all might have a laugh about our boomer relative or colleague who insists on using ‘password123’ for everything but it’s just one of many options hackers always try out first. A Finnish cybersecurity firm has released a new report detailing some of the other common passwords hackers prefer to test out first.

Finnish cybersecurity firm, F-Secure, released its Attack Landscape H2 2019 report and in it, included some of the worst offending passwords our imaginations have thought up. The report said these passwords were the first ones hackers sought out when they were guessing a system or device’s password as they were often the most likely to be put in place.

[referenced url=”” thumb=”” title=”How Are People Still Using These Passwords In 2019?” excerpt=”Don’t use bad passwords. Not even for stupid stuff. Because the dumb social network you join today might add a wallet or a cloud service or a camera some day, and before you know it, the only thing stopping someone from draining your bank account and spying on your home is the word “dragon.””]

Some of the passwords pointed out on their list included:

  1. admin
  2. vizxv
  3. default
  4. 1001chin
  5. sh
  6. taZz@23495859
  7. 12345
  8. password
  9. ttnet
  10. root

‘Admin’ being in the number one position will not likely come as a surprise for anyone working in a workplace with computers. The others seem a little more technical but there’s a reason they’re high on the hackers’ go-to list.

“The number two password of the period, ‘vizxv,’ is a default for Dahua DVRs, and two other passwords on the list, ‘1001chin’ and ‘taZz@23495859’ represent the factory defaults for other embedded devices such as routers,” the report outlined.

“Brute forcing factory default usernames and passwords of IoT devices continues to be an effective method for recruiting these devices into botnets that can be used in DDoS attacks.”

So, if your password, or some iteration of it, is appearing on that list above, it’s a very good idea to change it immediately to something unique. You could also use a password generator and save that long code into a secure password manager. Ditch your ‘password123’ and ‘[your name]iscool’, it’ll save you a lot of heartache.

[referenced url=”” thumb=”” title=”What Is The Best Password Manager?” excerpt=”It’s no secret we’re very into data security and online privacy, and one of the easiest steps you can take is to use a password manager to generate (and store) strong, very-difficult-to-crack passwords. Even if you don’t care about the security aspects — perhaps you think you’re unhackable — they’re an incredibly convenient way to remember your passwords for all the sites and services you subscribe to.”]


Leave a Reply