It’s A Doozie!: ID Agent Celebrates Groundhog Day with List of 20 Most Common Passwords of 2020

Analysis of 2020 Dark Web data reveals the same weak passwords keep being used again and again.

Feb. 2, 2021 — Bowie, MD — Just like Phil Connors, Bill Murray’s character in the 1993 film Groundhog Day, is doomed to keep repeating the same things over and over, the same weak passwords keep repeating year over year. That’s the finding of the “Groundhog Day List of the 20 Most Common Passwords of 2020” released today by ID Agent, a Kaseya company and leading provider of Dark Web monitoring and security awareness training solutions. The list was compiled from a scan of nearly 3 million passwords found on the Dark Web in 2020 and includes a breakdown of the most commonly utilized types of passwords such as first names, sports references and famous people or characters which should be avoided to ensure the highest level of password security in 2021 and beyond.

“It’s fitting that our list of the most commonly found passwords on the Dark Web come out on Groundhog Day. Time and time again we see the same weak passwords and password types continue to be the most frequently used – and easily compromised – every year,” said Mike Puglia, chief strategy officer at Kaseya. “The drastic rise in cybersecurity threats in 2020 means that it’s more important than ever for those who still rely on too-easy-to-guess passwords to update them with stronger, more secure versions to ensure sensitive data is safe from bad actors.”

Top 20 Most Common Passwords Found on the Dark Web in 2020:

  1. 123456
  2. password
  3. 12345678
  4. 12341234
  5. 1asdasdasdasd
  6. Qwerty123
  7. Password1
  8. 123456789
  9. Qwerty1
  10. :12345678secret
  11. Abc123
  12. 111111
  13. stratfor
  14. lemonfish
  15. sunshine
  16. 123123123
  17. 1234567890
  18. Password123
  19. 123123
  20. 1234567

Based on analysis of the top 250 passwords found on the Dark Web, the most common types of password choices were: Names, Sports, Food, Places, Animals, and Famous People/Characters. The most common passwords for each type include:

  • Names: maggie
  • Sports: baseball
  • Food: cookie
  • Places: Newyork
  • Animals: lemonfish
  • Famous People/Characters: Tigger

A complete list of the top passwords for each type can be found here.

When Phil Connors lists some of the constants in life such as, “Be nice to your sister,” or, “Don’t drive on the railway tracks,” (while he is driving on the railway tracks), he could have added, “Don’t use weak passwords.” When creating or updating your passwords in 2021, ID Agent offers some tips based on analysis of the data provided by the 2020 report. These include:

  • “Phil? Phil Connors?” – Don’t use your name – At least 92 of the top 250 most common passwords found on the Dark Web in 2020 were first names or variations of first names. For a stronger password, ID Agent suggests using a nonsense phrase that only you will know. (Something like Punxsutawney perhaps?)
  • “That about sums it up for me.” – Don’t be as easy as 1,2,3 – 35 of the top 250 most common passwords found on the Dark Web in 2020 included some variation of the sequential “123” – including 12 of the top 20 most common passwords. For a stronger password, ID Agent suggests using a combination of numbers, symbols, and uppercase and lowercase letters.
  • “There is something so familiar about this…” – Don’t recycle when it comes to passwords – 39% of people say most of their passwords across both their work and home applications are identical. For stronger password protection, use a different password for your various log-ins and consider a password manager or two-factor authentication.

In 2020 alone, hackers dropped more than 22 million records on the Dark Web and more than 81% of data breaches during the year were due to poor password security. To help companies combat the financial, reputational and productivity damage caused by breaches, ID Agent’s award-winning Dark Web ID monitoring platform uses human and machine intelligence to scan the Dark Web for passwords, data and other sensitive materials that can put businesses at risk for a cyberattack or data breach.

For more information on the “Groundhog Day List of 20 Most Common Passwords of 2020”, visit: https://www.idagent.com/these-bad-passwords-make-every-day-groundhog-day-for-it-teams. For more information on ID Agent and its products, visit https://www.idagent.com/.

Kaseya Logo
About Kaseya

Kaseya is the leading provider of unified IT & security management software for IT professionals in managed service providers (MSPs) and mid-market enterprises (MMEs). Through its customer-centric approach and renowned support, Kaseya delivers best-in-breed technologies that empower organizations to seamlessly manage IT infrastructure, secure networks, backup critical data, manage service operations, and grow their businesses. Kaseya offers a broad array of IT management solutions, including well-known names: Kaseya, Datto, IT Glue, RapidFire Tools, Unitrends, Spanning Cloud Apps, TruMethods, ID Agent, Graphus and RocketCyber. These innovative solutions fuel Kaseya’s IT Complete platform, which is designed to maximize efficiencies and enable businesses through a single pane of glass. IT Complete empowers IT professionals to centrally command hardware, software, security, data, compliance, operations and more from within a comprehensive, integrated, intelligent (AI utilization-optimized), and affordable platform. Headquartered in Miami, Florida, Kaseya is privately held with a global presence in over 25 countries. To learn more, visit https://www.kaseya.com/.

ID Agent - A Kaseya Company
About ID Agent

ID Agent, a Kaseya company, provides the leading Dark Web monitoring, security awareness training and identity & access management solutions to organizations of all sizes worldwide. Its flagship product, Dark Web ID™, delivers validated intelligence to identify, analyze and monitor for compromised or stolen employee and customer data. The company’s BullPhish ID™ product provides cybersecurity awareness training and phishing simulation geared to the non-technical end user, to enhance a company’s overall cybersecurity and further safeguard corporate systems. Passly™ delivers comprehensive identity & access management to secure remote workforces and protect organizations from risk of exposure. To learn more, visit www.idagent.com.