Urgent password warning as experts tell millions to change their code

READ MORE — Aldi shoppers praise 'hysterical' Valentine's Day Specialbuys product

The company categorised passwords into groups, and those named after beloved pets or terms of endearment are the least secure.

The three most commonly used pet names around the world were found to be Angel, Baby, and Love.

Coming in at second are passcodes based on names, followed by animals, emotions and foods.

The most frequently used names that are easily guessed are Alex, Anna, and Sam, while passcodes that include the names of animals such as dog and cat are also not secure.

NCSC figures have also revealed the five most frequently used hacked passcodes.

As expected, easy to remember phrases and numbers such as 123456 and 'password' make for poor passwords.

Here are the top five commonly hacked passwords with the most users:

1. 123456 (23.2million users)
2. 123456789 (7.7million users)
3. Qwerty (3.8million users)
4. Password (3.6million users)
5. 1111111 (3.1million users)

Speaking about the findings, chief information security officer at Dojo Naveed Islam said: "Passwords are the digital keys for just about everything on the Web, from checking emails to online banking.

"The surge in online services has resulted in a proliferation of password usage. This has resulted in password fatigue - the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine.

"To cope with password fatigue, people reuse the same password across multiple websites, using simple and predictable password creation strategies. Attackers exploit these well-known coping strategies, leaving individuals vulnerable."

He continued: "Using a password manager to create unique passwords and using multi-factor authentication (MFA) across all websites are some of the recommended ways to improve password security and make it difficult for attackers to steal your passwords and access your data.

"Frequently check a breach notification site to see if any of your passwords have been leaked in any data breaches. If it has, change your password for that account immediately."

Other than exploiting common passcodes, fraudsters also hack into accounts through a number of other methods including social engineering and phishing scams to trick people into handing over their logins and using passwords from data breaches (which are used for other accounts) to access sensitive details.

Those looking to secure their accounts from being hacked should be cautious of any random emails they receive telling them to change their login details or that tell them to follow a link to urgently fix an issue with their account.

A quick glance at where the email in question was sent from can save you a lot of hassle, as oftentimes you'll see the sender hasn't disguised their address well and the message in question isn't from an official email address related to the organisation you're thinking it's from.

If you're in any doubt then you can also contact the firm a scammer is posing as directly via their official website to ask about what you've been sent.

Dojo has also created some Dos and Don'ts to help you create a cast-iron password that will keep you safe from hackers...

How to create a strong password

Good password practice

1. Use a mix of special characters, numbers, capital letters in passwords

2. Aim for a long password with a minimum of 8-12 characters

3. Use multi-factor authentication

4. Use a password manager

5. Check whether your passwords have been compromised

Things to avoid

1. Don’t use personal information in your passwords

2. Don’t use obvious sequences of letters or numbers

3. Don’t tell anyone your password

4. Don’t automatically save passwords to your browser

5. Don’t use the same password across multiple accounts