Data breaches are at an all-time high. According to the Identity Theft Resource Center’s (ITRC) 2021 Annual Data Breach Report, there were 1,862 data breaches in 2021 — a 68% increase over breaches in 2020. And, new year-over-year results indicate a fast start to data breaches in 2022, as more than 90% of data breaches are cyberattack-related. 

When data breaches happen, emails and passwords associated with online accounts are also commonly leaked, leaving consumers at risk of phishing scams or identity theft.  According to Lookout, on average, 80% of consumers have had their email leaked on the dark web.

Here is the company’s list of the top 20 passwords found on the dark web, due to data breaches: 

1. 123456
2. 123456789
3. qwerty
4. password
5. 12345
6. 12345678
7. 111111
8. 1234567
9. 123123
10. qwerty123
11. 1q2w3e
12. 1234567890
13. DEFAULT
14. 0
15. Abc123
16. 654321
17. 123321
18. Qwertyuiop
19. Iloveyou
20. 666666

Do you spot your password on this list? The National Institute of Standards and Technology (NIST) has developed specific guidelines for strong passwords. According to NIST guidance, you should consider using the longest password or passphrase permissible (8–64 characters). Try different variations of a passphrase and avoid common phrases, famous quotations, and song lyrics.

For more information on passwords, multi-factor authentication, and related password topics, visit www.securitymagazine.com/passwords.