Among world’s most breached passwords, ‘123456’ and ‘India@123’ most used

A new global cybersecurity report has revealed a continuing trend of weak password practices, with users still relying on predictable and easily guessed combinations such as ‘123456’ and ‘India@123’. The findings underscore widespread negligence in online security despite repeated warnings from experts.

The study, cited by Financial Express, which analysed over 2 billion compromised accounts from data breach forums worldwide, found that ‘123456’ remains the most commonly used password globally, with more than 7.6 million users opting for it. Other frequently used credentials included ‘admin,’ ‘password,’ ‘123,’ ‘1234567890,’ and ‘Aa123456,’ all of which are highly vulnerable to hacking attempts.

Researchers pointed to user complacency as a major contributor to these breaches, noting that simple and repetitive passwords make cyberattacks “as easy as ABC and 123.”

The report also identified regional patterns, revealing ‘India@123’ as a particularly common password among Indian users. It ranked 53rd on the list of the world’s 100 most frequently breached passwords, highlighting the persistent lack of awareness around secure digital practices in the country.

The implications of such weak security measures have been starkly demonstrated in recent incidents. In one case, an investigation into a high-profile heist at the Louvre Museum in France found that the museum’s core security system was protected by the password ‘LOUVRE’, exposing a major vulnerability.

Cybersecurity experts continue to urge users to adopt stronger passwords that combine upper- and lowercase letters, numbers, and special characters. They also recommend using password managers and two-factor authentication to enhance digital protection and reduce the risk of personal data breaches.