In a report released by the Security firm Imperva on Thursday on the 32-million passwords recently exposed by a hacker from the site RockYou.com, it showed that despite severe security risks, people still use passwords as common as 123456.

The most commonly used passwords as identified by the report are:

1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123

Nearly 50% of the users used common dictionary words, slang words, or trivial words such as adjacent keys in the keyboard (for eg: “qwerty”). Using simple passwords as these make the users easily susceptible to brute-force attacks with relatively small dictionary files.

As explained by Imperva’s CTO Amichai Schulman, “Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second—or 1000 accounts every 17 minutes.”

Many of the top notch companies impose rules upon their employees to use longer and complex passwords and to change them periodically by using password policies in the domains. But this is not, many a times, provided by many online email or community sites where there is always a chance of sensitive information being updated. Also, in many cases, employees use the same password that they use online for their email accounts, social networking logins, etc. in their workplace so that they can easily remember them – but thus unintentionally compromising the security of their office networks.

A similar analysis (from Wired.com) examined about 10,000 exposed passwords from Hotmail, Live.com and MSN in last October, and found that 123456 was the most commonly used password, appearing about 64 times in the whole lot.

Image courtesy: