by Kevin Lancaster

Since the start of the new year, we’ve been sifting through billions of compromised email addresses and passwords found on the Dark Web  looking for interesting trends in password behavior. Rather than just give you the top 10 passwords to avoid, we wanted to take a closer look at user behavior when creating passwords and how those behaviors lead to predictability and potential exploits.

Passwords are often deeply personal expressions of oneself with the goal of making them easier to remember. However, remembering which password is which is becoming increasingly difficult in our hyper-digital daily lives. In fact, it is estimated that average US adult has between 90 and 135  different applications that require a set of credentials (typically a username and/or email address and password combination) for access.

Would your current password make the grade? Use our Password Report Card to see how yours rank!

{{cta(‘8243a843-8c1c-4e7e-a9ba-5ca8868ca970′,’justifycenter’)}}As a result of this onslaught of apps of convenience, most people choose easy to remember, insecure passwords that can be divided into 24 Common Password Types. These types, listed below, represent the most common categories of personal facts and interests that people draw from to create their passwords based on our analysis of the billions of email address and password combinations that we’ve extracted from data breaches, password dumps, and Dark Web forums by our intelligence teams over the past 7 years.

The 24 Most Common Password Types

Type

Common Definition

Name

First or Common Name

Word

General work – Dictionary

Key Walk

Keystroke pattern – easy to remember

Sports

Sport, Sports Team, League

Place

Easily identifiable City, State, Country, Place

Character

Fictional Character

Animal

Animal

Food

Food type, ingredient

Uncategorized

Automated/ Randomly Generated

Clever

Unique/ Clever

Password

Variation of the word “Password”

Transportation

Automobile, Transportation

Religious

Religious Affiliation, Meaning or Person

Website

Email Address or Common URL

Love

Association with the emotion/ feeling

Naughty

Association with controversial often vulgar terms

Band

Popular Music of all genres

Season

Weather/ Season related

Color

Common Colors

Greeting

Common and Localized Greetings

Month

Calendar Months

Military

Association with military, war, weaponry

Horoscope

Astrological Signs

Alphabet Walk

Sequential pattern (alphanumeric & non alphanumeric)

 

Using a randomized data set of more than 1 billion email address and password combinations discovered over the past 12 months, we can successfully demonstrate how  the most common password types stack up by percentage as represented on the chart below.

The most common password types by percentage (per 1000 records)

Password Type

Total by Type (per 1000)

Percentage by Type (per 1000)

Name

369

36.9%

Word

161

16.1%

Key Walk

87

8.7%

Sports

59

5.9%

Place

56

5.6%

Character

48

4.8%

Animal

30

3.0%

Food

27

2.7%

Uncategorized

20

2.0%

Clever

20

2.0%

Password

19

1.9%

Transportation

17

1.7%

Religious

14

1.4%

Website

14

1.4%

Love

9

0.9%

Naughty

9

0.9%

Band

8

0.8%

Season

7

0.7%

Color

6

0.6%

Greeting

6

0.6%

Month

5

0.5%

Military

4

0.4%

Horoscope

3

0.3%

Alphabet Walk

2

0.2%

 

1000.00

100.0%

Next, we dug into perhaps the most sought after piece – the most common English language passwords used. You should pay particular attention to the password complexity and password strength of the most commonly found passwords. The results were rather bleak. The average length of the passwords sampled was 7.007 characters in length. The shortest common passwords identified were comprised of just 4 characters, while the longest of the most common passwords were 16 characters in length.

Most common passwords

Password Type

Most Common

Name

george

Word

sunshine

Key Walk

Abcd1234

Sports

baseball

Place

dallas

Character

tigger

Animal

monkey

Food

ginger

Uncategorized

(BOTS)

Clever

letmein

Password

password

Transportation

harley

Religious

jesus1

Website

email

Love

iloveyou

Naughty

f**kme

Band

blink182

Season

summer

Color

purple

Greeting

welcome

Month

august

Military

ranger

Horoscope

gemini

Alphabet Walk

Abcd1234

 

 

KevinLancaster-lock

– Kevin Lancaster