hlavicka.jpg

latest password

According to the Centre for the Prevention of risky virtual communication, almost half of the Internet users use a universal password

During this year, the Centre for the Prevention of risky virtual communication at Palacky University in Olomouc realized research aimed at passwords analysis of young Internet users. The research carried out on a sample of 3743 respondents aged from 18 to 67 years revealed some interesting information:

1. More than 44% of users use so called "universal password" to access the Internet services. They use them, for example, to access their email accounts, social networks accounts, etc.

2. Most users use alphanumeric passwords (47,72%) combining numerals and letters of the alphabet. Exceptionally they use passwords containing only numbers (11%).

3. Average lenght of password for the email account is 8,71 characters.

4. Only 6,92% of passwords can be found in dictionaries. Most passwords does not match the usual dictionary entries, Czech users are therefore relatively cautious in choosing passwords. In our research, we compared the password file with a database of more than 160 000 words and word forms. Only 259 words out of 3743 matched the dictionary entries.

5. The most common Czech words are first names in the neutral form and in a form of diminutives, followed by the names of cities, widespread passwords are "sun", "locomotive", "mother" and "politics". As for the number passwords, the most common is the birth certificate number .

6. The myth about the usual passwords is not true. In our analysis, we verified whether the Czech Internet users also use passwords that are often cited in the list of the least secure passwords (12345, 123456, the word "password", etc.). This has not been confirmed. Passwords in the form of an ascending series of numbers used only from 0,03 to 0,05% of users, the word "password" is used by only 0,03%.

"Based on the results of our research we can claim that Czech Internet users choose strong passwords that are, in most cases, difficult to break by usual dictionary attacks. Their typical weakness is often weak control question whose disclosure is much easier than breaking the password", says Kamil Kopecky, the research implemenor. He also adds: "The myth about using passwords type 12345 was not confirmed, users are cautious in choosing passwords."

Lukas Hejsek, the analyst of the Center for the Prevention of risky virtual communication, adds: "Common and easily identifiable passwords are first names that are present in neutral form and especially in the form of diminutives. These passwords are usually chosen by women."

Martin Kožíšek, the manager of Internet security company Seznam.cz, adds: "Every day we solve more than 3500 requests for " forgotten password " to the accounts of our users. Usual way the attacker gets into the accounts at Seznam.cz is by breaking through the security questions for password. "

For more information download this PDF

The research was realized by the E-Synergie project: Scientific Network for Risks of electronic communications (CZ.1.07/2.4.00/17.0062 ).

The research team
Mgr. Kamil Kopecky, Ph.D., Mgr. Lukas Hejsek
Centre for the Prevention of risky virtual communication Pedagogical Faculty of Palacky University in Olomouc
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it. , This email address is being protected from spambots. You need JavaScript enabled to view it.