'admin' is the Philippines' most used password in 2023—study
The word “admin” is the most used password in the Philippines this year, a study from a password manager app found.
On its website, findings from NordPass showed that “admin” has been used over 26,000 times and took less than a second to crack.
The study also found that Filipinos have a penchant for using consecutive numbers as well as the word “password” itself and its derivatives. Others also use values like “wisdom” and “learning,” their preferred beverage, internet provider, and expression of feelings as passwords.
Here are the most used passwords in the Philippines this year, according to NordPass.
Globally, “admin” is the second most used password, and it's been used over 4 million times. “123456” topped the list with over 4.5 million usages.
NordPass also found that individuals who are into streaming tend to choose the poorest passwords.
The password manager said it partnered with independent researchers to evaluate 4.3 terabytes of data extracted from various publicly available sources, including those on the dark web. Up to 35 countries were part of the study.
They analyzed passwords from a 6.6-terabyte database. The passwords, according to NordPass, were stolen by various stealer malware such as Redline, Vidar, Taurus, Raccoon, Azorult, and Cryptbot. As its name suggests, a stealer malware collects sensitive data from computers like passwords, browser information, and more.
The risks of getting one's password cracked
In a previous interview with PhilSTAR L!fe, cybersecurity expert Dominic Ligot stressed that if hackers get hold of one’s passwords, they may steal more data from the victim, which could lead to identity theft for criminal activities.
Victims may also be at risk of being involved in illicit transactions on e-commerce and online banking platforms.
Hackers may also use the victim's stolen data for further financial gain, particularly when they sell the data on the dark web.
With the victim's data out in the open, they might also be in physical danger.
Passkeys and other ways to improve one's security online
NordPass advised users to use a passkey, which identifies a particular user account on an online service with a cryptographic private key stored on the device. The online service then stores a corresponding public key, making it more secure than a password.
Unlike passwords, passkeys don’t need to be typed or memorized like the normal password consisting of alphanumeric characters.
In any case, NordPass urged the public to do the following:
- Use complex passwords that are at least 20 characters long and include a mix of uppercase and lowercase letters, numbers, and special symbols.
- Never reuse passwords across multiple sites or services because if one account gets compromised, all other accounts with the same password could be at risk.
- Use a password manager to generate, retrieve, and store complex passwords for users.
Cybersecurity firm Blackpanda previously told Filipinos to set up two-factor authentication on their devices.
It also recommended changing their passwords every three months and avoiding easily guessable information like birthdays, anniversaries, and names of loved ones.
“As you can imagine, if you just had one key and that opened everything that was important to you that you locked, it doesn’t make any sense," said Gene Yu, Blackpanda chief executive officer and co-founder.
"You want to have different keys for everything," she noted.