Hackers and the Passwords They UsePasswords are the Achilles’ heel of the average hacker.

Just think how unfair it would be, if hackers were able to break into other people’s accounts while at the same time they were protected by strong login credentials. As it is, a recent study reveals that hackers are just as much at risk as the average person that some bad guy is going to hack their accounts.

That makes us giggle. :-)

They’re bad guys, so we get it that they don’t do the right thing and use a password manager. (That would be like bank robbers in the movies buckling up before flooring the gas pedal.) We just thought they might be a bit more sophisticated in their online security. You know – being smarter because they would want to avoid the pitfalls of bad passwords that they exploit in their attacks on other people.

Kudos to Avast blogger Antonin for taking a look at the strength of hacker passwords! He went through years of password data collected by the Avast antivirus team and did a bit of analysis on the numbers.

Some of the findings:

  • Just like Auntie Em, hackers gravitate to the sweet spot of 6 characters long. (5 characters came in second place.)
  • Hackers don’t like to mix it up: they mostly use only lower case letters. When they do use upper case, then they use caps for the entire password string.
  • They don’t always use numbers, but when they do, they prefer the number 1.
  • English is the preferred language for hacker passwords.

It’s almost a relief to know that bad guys are just as lazy with their passwords as the average person.

Of course, we’re not talking about you! You’re not average precisely because you do use a password manager.

The next study we’d like to see is to find out if hackers share their passwords with their sweethearts.