19 billion passwords were leaked in 2025

In an online world full of hackers, bots and data injuries, it seems that many of us still work on passwords such as casual acquaintances that recycled unforgettable, predictable and far too often. A new cybernews study in which more than 19 billion passwords are analyzed found A disturbing trend, only 6% of these passwords were unique, the remaining 94% were repeated Or reused. This led to disasters that could have been prevented beforehand. If passwords are the passwords to our virtual existence, we may avoid leaving them at the footmate.

The enormous size of the reused passwords has made the login information a concern. Despite the success rates of only 0.2%, attackers can kidnap thousands of accounts, especially if you have automated tools that support you. Cybernews researchers add that most passwords are usually within the character of 8 to 10 and consist of combinations of small letters and numbers that are simple, which means that they are particularly susceptible to brute force attacks.

Common passwords

The most frequently used passwords indicate A strange trend. In addition to “123456”, other passwords such as “password” and “admin” were each needed Ten million times. Names like “Ana” were used 178.8 million times, and words like “love”, “freedom” and references to pop culture such as “Batman”, “Mario” and “Thor” were also widespread. Even obscene words are often selected as options, with the term “ASS” being used 165 million times. The analysis also showed frequent use of holiday words, food and names of cities that offer hackers more entry points. More than 10 million passwords contain The term “Apple“While” Rice “and” Orange “were used in millions of others.

History of password and leaks and their effects

Rockyou2021 (2021)

In June 2021, 8.4 billion password was called Rockyou 2021 leaked On a Hackers forum. The data did not come from a single incident, but merged passwords from several older violations. This made it much more dangerous to use the login information fulfillment, where attackers try stolen passwords on websites. In response to this, cybersecurity specialists urged a broader provision of multi-factor authentication (MFA), the more general use of password managers and the compliance with updated nist standards that called for strong, individual passwords.

Kamm (2021)

The “compilation of many violations” (comb) leaked In early 2021 unveiled More than 3.2 billion email password pairs, which were compiled from several previous violations of companies such as Netflix and LinkedIn. The strongly structured nature of the data made it easier to automate phishing and login information from attackers. The attack led to a stricter enforcement of violation of violation in accordance with models such as the GDPR and California CCPA as well as a stronger focus on cyber security training and closer company guidelines for data protection.

Yahoo Breach (2013–14)

Yahoo suffered one of the most catastrophic single organization hacks in history and had an impact on all 3 billion in his user accounts. The chopped information contain Hashed passwords, security questions and security emails. Hack, unveiled in 2016, injured Yahoo's reputation and lowered his acquisition value in the Verizon transaction. Subsequently, Yahoo forced compulsory change of passwords, switched to more robust encryption protocols and was cited by the US Securities and Exchange Commission (SEC) in requirements for better announcements about corporate violations.

In view of the number of decreased login information that increases daily, experts warn that it is no longer the choice of being complacent about the safety of the password. It is time to solve lazy password practices and secure secure as a habit not to consider it as a subsequent thought. Cyber ​​security is no longer just a responsibility for the IT sector, but now is everyone's business.