A stolen trove of passwords released on the dark web has been analysed, and it reveals a dangerous trend in how Aussies choose their passwords.
While we know the wisdom in choosing a more sophisticated password, it seems that thousands of Australians missed the memo this year.
And while you might not guess the most common password found on the Dark Web, the top five is full of extremely simple and predictable options.
The most commonly stolen password for Australians was the six character, no-capitals password - "banned".
This was followed up by a low-effort "123456".
In third place, Australians commonly chose "admin" as their password.
Most of these were easily hackable, with hackers able to crack the majority of them in less than one second.
The data for 2023 was released via online security firm Nordpass, who evaluated a "4.3 terabyte database" to find the 20 most commonly used passwords by Australians.
"The list of passwords was compiled in partnership with independent researchers specialising in researching cybersecurity incidents," the company wrote.
"They evaluated a 4.3TB database extracted from various publicly available sources, including those on the dark web."
These passwords were stolen by theft software, described by Nordpass as "Stealer Malware".
With cybercrime steadily rising, if you see your own password on the list, its time to make a drastic change.
Here's the full list of the 20 most commonly stolen passwords, along with how long it reportedly takes hackers to crack them.
1 - banned (2 Minutes)
2 - 123456 (< 1 Second)
3 - admin (< 1 Second)
4 - password (< 1 Second)
5 - 1234 (< 1 Second)
6 - qwerty123 (< 1 Second)
7 - 12qwasZX (< 1 Second)
8 - 12345 (< 1 Second)
9 - 12345678 (< 1 Second)
10 - qwerty (< 1 Second)
11 - Qwerty123 (< 1 Second)
12 - 123456789 (< 1 Second)
13 - Starwars29 (3 Seconds)
14 - welcome11 (2 Seconds)
15 - ******** (< 1 Second)
16 - Deadman01 (1 Minute)
17 - Password1 (< 1 Second)
18 - 111111 (< 1 Second)
19 - Password (< 1 Second)
20 - abc123 (< 1 Second)