Pardon passwords, and it is time for technology companies and users to move forward. There, I said that. Like or not, the weakest link in cybersecurity is anything that depends on human inputs. While institutions continue to invest in the walls of protection and the security point of the end, the most stable weakness is still the human password.
The Internet has long struggled with bad password practices, but a recent discovery highlights the seriousness of the problem.
Security researchers More than 19 billion newly leaked passwords, collected from hundreds of violations between April 2024 and April 2025. 94 % of these passwords have been reused or predicted or both.
Explanation of the infiltrators at work. (Cyberguy “Knutsson)
What you need to know
Between April 2024 and the April 2025, the data became nearly 200 separate cyber security incidents available to the public, as discovered by Cybernews. These were not isolated events. They were involved in huge leakage warehouses, including clamp musicians, theft records, and databases at risk. In total, more than 3 teraabytes was analyzed from raw data, which includes more than 19 billion passwords. Only 6 percent of these, slightly over 1.1 billion, was unique.
Among the most used passwords, “123456” appeared in more than 338 million cases. I followed words such as “Password” and “The Supervisor” closely, despite the years of general warnings. This failure of payment often arises from devices such as routers or institutions tools, as they are rarely changed and reused in another place.
1.7 billion passwords leaked on the dark web and why they are at risk
Personal names remain a common pattern as well. The name “Ana” appeared in nearly 179 million passwords, followed by countless names and name -based groups. The culture of pop, food, cities, and even words that divided frequent topics. Words like “Mario”, “Love”, “Pizza” and “Rome” and a variety of profanity were not creative options. They are now security obligations.
Worse, the attackers do not need to guess anymore. They have automation. Accreditation with the credentials now works through billions of passwords known through hundreds of platforms, and violating accounts of success rates of up to 2 percent. This is equivalent to thousands of personal files at risk, bank accounts, e -mail messages and cloud tools every day.
Explanation of the infiltrators at work. (Cyberguy “Knutsson)
200 million records for social media were leaked in the main X data breach
The biggest problem
According to CyberNews Neringa Macijauskaite, the main issue is not just weak passwords but the number of times they are reused. Only six percent of the passwords are unique. For most users, security is completely dependent Dual factors authenticationIf it is enabled at all.
Most passwords drop between eight to 10 letters, with eight letters are the most common. About 27 percent of them contain only small letters and numbers, which makes them very vulnerable to brute force attacks. Less than 20 percent uses a mixture of cases and numbers, and only a small part includes symbols.
How safe is my password? Use this test to find out
Although educational efforts are widely, user habits are still stagnant, but one positive trend appeared. In 2022, only one percent of passwords used a mixture of small letters, large letters, numbers and symbols. Now this number has grown to 19 percent, probably driven by the requirements of a tougher password across platforms.
Get on Free examination To see if your personal information has already came out on the web.
Explanation of the infiltrators at work. (Cyberguy “Knutsson)
The Human Resources Company confirms 4M Records exposed in the main penetration
Password manager is the solution
Related or weak passwords pose a huge threat, not only for individuals but for organizations. One password at risk can lead to a Domino effect, which presents multiple accounts through services. Consider using Password Director To create and store complex passwords. Get more details about my country The best password managers reviewed by experts in 2025 here.
Four ways to stay safe from the password stealing contents
Protecting your data requires a mixture of smart security habits and reliable tools. Here are four effective ways to keep your information safe.
1. Type 2FA: 2FA: 2FA: Even if your password is stolen, 2FA It adds an additional layer of safety by requesting a second form of verification, such as a symbol of applying authentication or confirming biological measurement. Internet criminals depend on the names of the stolen users And passwords for storming accounts, but with an empowerment of 2FA, they cannot reach without an additional safety step. Make sure to enable 2FA on important accounts such as email, banking services and business registrations.
2. Use strong antivirus programs and be careful of downloads and links: Infostealer is the radical cause of your password. It is often spread through malicious downloads, deceptive email messages and fake web sites. Avoid downloading programs or files from unreliable sources, and always check the links before clicking on them. The attackers hide harmful programs as legitimate programs, fraud in the game or cracked applications, so it is better to adhere to the official sites and applications stores for downloads.
The best way to protect yourself from malicious links that prove harmful programs, which may reach your own information, is to install a strong antivirus program on all your devices. This protection can also be alerted to relieving emails and fraud on Ransomwari, and maintaining your personal information and digital assets. Get my choices for the best winners to protect antivirus 2025 for Windows, Mac, Android and iOS devices.
3. Keep updating the program: CYBERCRIMINALs takes advantage of an old program to provide malware. Maintaining the operating system, browsers and safety programs updated It ensures that the known weaknesses are corrected. Enable automatic updates whenever possible, and install a virus protection program or a reputation ending point that can discover and give Infostealer threats before settling your system.
4. Consider the service of removing personal data: These services can help remove your personal information from the data broker sites, which reduces the risk of stealing identity, random mail and targeted fraud. Although there is no service that ensures the complete removal of your data from the Internet, the data removal service is really a smart choice. It is not cheap, and there is no Your privacy. These services do all work for you through effective monitoring and systematically erasing your personal information from hundreds of websites. This gives me peace of mind and has proven to be the most effective way to erase your personal data from the Internet. By reducing the available information, you reduce the risk of referring to the cross -cut data from the violations of information that they may find on the dark web, making it difficult for them to target you. Check the best data removal choices here.
Kurt fast food
When it comes to this, passwords no longer cut them anymore. The huge number of leaked passwords and the fact that a few are unique shows our weakness. Internet criminals are more intelligent and faster, but we should not make it easy for them. Using the password managers, and enabling the authenticity of the thris may require little effort to change old habits, but the peace of mind you get is worth it.
Click here to get the Fox News app
How many of your accounts are the same password or contrasting? Let’s know through our writing in Cyberguy.com/contact
For more technical advice and security alerts, participated in the free newsletter of Cyberguy Report by going to Cyberguy.com/newsledter
Ask Court a question or tell us about the stories you want to cover.
Follow Court on his social channels:
Answers to the most amazing Cyberguy questions:
New from Court:
Copyright 2025 Cyberguy.com. All rights reserved.
