Breaking

A look back at the UK Cyber Survey is a wakeup call to update passwords

A look back at the UK Cyber Survey conducted by the National Cyber Security Centre (NCSC) in 2019 to study the compromised passwords and the patterns associated with it. As per NCSC UK Cyber Survey 42% of Brits are expected to lose their money to online fraud. And, 23.2 million compromised accounts worldwide were using 123456 as their password.

Brits were then asked to be safe after looking into the results of the UK Cyber Survey that exposed multiple gaps in security.

NCSC UK Cyber Survey and its breakdown

The survey was carried out independently and the findings were released in 2019. However, considering the importance of cybersecurity and password threats, The Cybersecurity Times thought it is important to spread the knowledge of password vulnerabilities, and how your current password looks for a study that is 2 years old.

If you think this is an old study, please check your passwords across platforms to see the pattern that is common with your password to the ones that was compromised. If you want to check for your password breaches in particular, please visit ‘Have I Been Pwned’ and you will know the breaches that compromised your credentials.

As per the study,

Only 15% of the subjects know how to protect themselves from the internet threats.
The common concern is money theft with 42% felt it could happen the next year as well.

Source: NCSC

One among three depend on their friends/family for cybersecurity.
Youngsters are more privacy aware compared to other subjects.
61% of subjects are daily active on social media

Source: NCSC

Only 70% use smartphone PINS and passwords for their devices.
Only 50% use strong passwords for their email accounts

Source: NCSC

Look at the UK Cyber Survey’s compromised passwords and their patterns

Most used in total	Names	Premier League football teams	Musicians	Fictional characters
123456 (23.2m)	ashley (432,276)	liverpool (280,723)	blink182 (285,706)	superman (333,139)
123456789 (7.7m)	michael (425,291)	chelsea (216,677)	50cent (191,153	naruto (242,749)
qwerty (3.8m)	daniel (368,227)	arsenal (179,095)	eminem (167,983	tigger (237,290_
password (3.6m)	jessica (324,125)	manutd (59,440)	metallica (140,841)	pokemon (226,947)
1111111 (3.1m)	charlie (308,939)	everton (46,619)	slipknot (140,833)	batman (203,116)

Source: NCSC

Common names that were breached,

1. ashley	432,276	11. andrew	261,453
2. michael	425,291	12. joshua	259,079
3. daniel	368,227	13. justin	256,388
4. jessica	324,125	14. anthony	256,277
5. charlie	308,939	15. jennifer	245,653
6. jordan	297,882	16. robert	233,773
7. michael1	294,662	17. matthew	221,591
8. thomas	284,148	18. andrea	220,764
9. michelle	278,545	19. hannah	219,400
10. nicole	278,170	20. george	215,350

Source: NCSC

Premier League Team names as passwords that were breached,

1. liverpool	280,723	11. mancity	13,796
2. chelsea	216,677	12. palace	13,796
3. arsenal	179,095	13. cardiff	12,594
4. man utd	59,440	14. leicester	7,921
5. everton	46,619	15. fulham	5,984
6. wolves	35,256	16. watford	5,563
7. newcastle	32,143	17. southampton	3,691
8. tottenham	19,596	18. burnley	3,494
9. westham	18,801	19. bournemouth	Not in the top 100k
10. brighton	15,523	20. huddersfield	Not in the top 100k

Source: NCSC

You can also look at the top 100,000 passwords (data from ihavebeenpwned) that were compromised. If you find your password in this list, please update it immediately.

Strong password practices for robust cyber hygiene

Cybersecurity is the new wealth of the 21st century and it will be more crucial once the evolution of Metaverse, Tesla, and other major tech giants up their game based on big data and privacy. Virtual Reality will take a new avatar once the Metaverse is released. The power of augmented reality with virtual reality may sound all fun and exciting but the cons could be extremely devastating if proper cyber hygiene isn’t practiced.

The cyber hygiene, best practices an all other things begins with ‘passwords’ first. Cybersecurity Times believes the device and credentials are two important things that connect to the web, while the devices are physical lets place the second important stuff next to our passwords.

Passwords play a vital role in account compromises, further concerns when a same password is used for multiple platforms. Practice password hygiene by replacing your weak passwords with strong ones, i.e; alphanumeric with a special character. Also ensure, you enable two-factor or multi-factor authentication based on the login options provided by the platforms.

For further hardening, use a password that is derived from a phrase, this is even stronger than the earlier suggestion. For example, ‘I Like to Play Football and Cricket during my teen’, now choose the first/last letter of the each word to coin your password, ‘iltpfacdmt’ or ‘ieoyldtgyn’. These phrases will be easy to remember and are quite strong to evade cyberthreats.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.

You can reach out to us via Twitter or Facebook, for any advertising requests.

Share the article with your friends

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times' with 9.5 years of experience in the cybersecurity journalism. Apart from writing, he also like hiking, skating and coding.