Bigbasket is the 4th most used password in India

Indian internet users continue to use easily hackable password options such as “password” and its variants such as "Password@123," "password123," "Password@1," and "password1" to secure their online accounts, claims a new report on most common passwords of 2022 by Nord Security’s password manager arm NordPass. In 2022, “password” alone was used 4.9 million times by users globally and 3.4 million times in India. The second most favoured password in India “123456” was used 166,757 times, while Bigbasket, which was the fourth most used password, was used 75,081 times.  

Some of the other commonly used passwords in India, as per the report, include “123456”, “bigbasket”, “qwerty”, “anmol123” and “googledummy”. According to NordPass, most users prefer convenient passwords that are easy to remember and use, which explains the use of easy keyboard combinations of numbers, letters, and symbols. Many users also prefer country names in their passwords such as “Indya123” and “India@123.” 

NordPass’ findings show that 73% of the 200 most common passwords used in 2022 are the same as last year. They also found that 83% of the passwords in the list can be cracked in under a second. Use of bigbasket as the fourth most used password in India is a reflection of changing consumer habits and growing use of grocery apps after Covid-19.

Also read: How to secure your enterprise against password stealing attacks

Further, the report found that many users like to express love or hate through passwords. For instance, “iloveyou” and its translations in other languages are widely used in many countries, including India, where “iloveyou” was ranked at number 81. On the other hand, in the US, Canada, and Australia, “fuckyou”, “fuckoff” and “fuckyou1” were found to be used by many.  

For their research, NordPass compiled a list of passwords in collaboration with independent researchers specialising in cybersecurity incidents. They analysed a 3TB database of passwords to carry out a statistical analysis based on countries.  

Though the use of easily predictable characters as passwords is alarming keeping in mind the massive increase in cyberattacks on individuals and organisations, Ieva Soblickaite, chief product officer at NordPass, noted that passwords are getting harder to breach due to rapidly evolving technologies such as Open Authentication 2.0. It is one of the reasons why the sample of passwords available in the public domain for analysis was much smaller compared to previous years, said Soblickaite.  

Soblickaite explains that more websites are now using Open Authentication 2.0, which is an industry-standard that allows websites and apps to access user resources hosted by other web apps, without sharing their passwords.