You are currently viewing Largest Ever Password Study Shows People Generally Choose Weak Passwords

Largest Ever Password Study Shows People Generally Choose Weak Passwords

In this era of digital communications, digital security is of paramount importance. And in most cases, the most important part of digital security is the password. However, it is surprising to note that most people tend to stick to very weak passwords putting their online accounts at risk, as has been suggested by the largest-ever password-related study.

The study was carried out by Joseph Bonneau at the University of Cambridge. During the course of this study, the password strength of the passwords of 70 million Yahoo users was analyzed and studied. Although these passwords were protected with hashing and individual account info, or the account associated to a specific password, was never revealed, it did give Bonneau a fair idea of what kind of passwords people tend to choose.

Interestingly, the trends are the same all across the world, across different communities and languages. People tend to choose small passwords which are weak and quite easy to guess. According to Bonneau, “We find surprisingly little variation in guessing difficulty; every identifiable group of users generated a comparably weak password distribution.”

Moreover, even when a user has to use a debit or credit card in connection with his account, he barely takes any extra measures to make his password more secure. He sure doesn’t go for the run-of-the-mill stupid passwords such as ‘abcd’, ‘1234’ or simply ‘password’ but he doesn’t choose a particularly strong password.

Bonneau further states, “More surprisingly, even seemingly distant language communities choose the same weak passwords and an attacker never gains more than a factor of 2 efficiency gain by switching from the globally optimal dictionary to a population-specific lists.”

The study further reveals that a lot of people tend to go for nine-digit passwords or longer. This is because nine-digits indicate the general length of phone numbers and are easier to remember for most people. However, generally the passwords chosen by a staggering majority of the users are not strong enough which is quite surprising since online accounts are becoming more and more critical as more and more information is migrated to the realm of digital world.

Source: University of Cambridge

Courtesy: Venture Beat

[ttjad keyword=”best-selling-gadget”]


Salman Latif is a software engineer with a specific interest in social media, big data and real-world solutions using the two.Other than that, he is a bit of a gypsy. He also writes in his own blog. You can find him on Google+ and Twitter .

Leave a Reply