The global cybersecurity firm, Kaspersky, has revealed that password stealers have tried to attack over 32 times as many users including corporate businesses in 2023.

Kaspersky report was released on Friday, highlighting the fight back of 193 million English passwords, which info stealers compromise and are available on the dark net, for brute force and smart guessing attacks.

The latest research found that 45% of all analyzed passwords, nearly 87 million, could be guessed by cybercriminals within just 1 minute.

Only 23% (44 million) of the password combinations were robust enough that cracking them would take more than a year.

Additionally, Kaspersky’s telemetry detected over 32 million attempts to attack users with password-stealing malware in 2023. These findings highlight the critical importance of practicing good digital hygiene and regularly updating password policies.

The Kaspersky study results demonstrate that the majority of the examined passwords were not sufficiently strong and could be easily compromised through the use of sophisticated guessing algorithms.

The research found that the majority of the examined passwords (57%) contained words from the dictionary, which significantly undermines their strength. The analysis identified several common vocabulary sequences used in these passwords.

Furthermore, the study determined that only 19% of all the passwords examined exhibited signs of a strong combination - incorporating a non-dictionary word, a mix of lowercase and uppercase letters, as well as numbers and symbols. However, even with these more complex passwords, 39% of them could still be guessed by smart algorithms in less than an hour.

To improve password security, the recommendations include using a unique password for each online account as if one account is compromised, the others will remain protected.

Users should also avoid using easily guessable passwords based on personal information like birthdays, family names, pet names, or their names.

Attackers frequently try the most common password guesses first. It’s extremely difficult to remember long, unique passwords for all the online accounts and services an individual uses.

“The most dependable solution is to generate a completely random password using modern and reliable password managers,” Kaspersky Head of Digital Footprint Intelligence Yuliya Novikova stated.

Read more

Meta warns of password stealing phone apps

Google to delete millions of inactive Gmail accounts

Millions of android users at risks due to malicious apps discovered on Playstore