Kaspersky: 12345 Becomes The Most Generally Used Combination Of Passwords

Illustration of password (photo: Unsplash)

JAKARTA - Kaspersky's latest research reveals that most of the passwords that were broken not only violate password security guidelines, but have also remained unchanged for a long time.

While passwords are still one of the main authentication methods, passwords are no longer at the top in terms of security.

Kaspersky experts analyzed a massive password leak from 2023 to 2025 and identified several recurring patterns, including:

Users often add predictable elements such as numbers, dates, and personal identification to passwords. For example, 10% of passwords in analyzed datasets contain numbers that resemble a date (from 1990 to 2025)

As many as 0.5% of all leaked passwords end with 2024, which is every 200th password!

In addition, the most common combination of passwords is '12345', which drastically reduces cryptographic power and shortens the time it takes for a gross-force attack to succeed.

Among other popular password components are the word 'love' and username, as well as the name of the country which is also often included in the password.

Then, most of the leaked passwords have remained unchanged for years. According to data analysis, the average age of the password found in this leak is 3.5-4 years.

All of these findings highlight the critical vulnerability of password-based authentication when the manufacturing, management, and storage protocols are not strictly followed.

Responding to increasingly strong security needs, Kaspersky advised the public to start switching to password or passkey.

Passkey technology is based on cryptography and biometric keys, and is not susceptible to threats such as phishing or data leakage.