Skip to main content

These are Canada's most common passwords

It’s World Password Day, and many cybersecurity experts say Canadians should be doing more to make sure they’re using stronger passwords to ensure their personal information is secure.

Whether its for banking, streaming services or social media accounts, many of us have dozens of passwords we use daily, and hackers are always looking for ways to guess what they are.

“The attackers are out there to get your information, to get your identity, and it’s not just consumers, but big companies too," Robert Barton, Chief Technology Officer of Cisco Canada, told CTV News Toronto.

A survey by the network security software company found 54 per cent of Canadians are worried about being hacked on their personal devices. The survey also found many are not taking the proper precautions.

Even though consumers and employees are constantly told how important passwords are, the survey found many people recycle them, use the same ones for different services or just don't try very hard to make them difficult to guess.

“That’s a problem because passwords are so easily phished, socially engineered and yet we still don't seem to be getting the message. We also use some simple passwords to protect our most critical things," Robert Fazlon, Head of Engineering with Check Point Canada, a company that provides cybersecurity solutions and software, told CTV News Toronto.

Fazlon said weak passwords make it easier for hackers to steal money, identities and do major harm to individuals and corporations.

A survey by the Better Business Bureau released in March found the most commonly used passwords in Canada were 123456, password, hockey and Canada.

A survey by Nordpass, a password security company, found the three most common passwords used by Americans in 2023 are guest, 123456 and password. Also in the survey’s top twenty list were abc123, baseball, iloveyou and monkey.

Many companies want to move away from passwords and use multifactor authentication, including biometrics such as facial and voice recognition. Google announced it’s rolling out more supports for alternative sign-in methods, such as face scans and fingerprints, which it calls more secure.

“It's not just what you know, it's also who you are, so that combination of what you know and what you are tends to give you a much better level of security than it could in the past," said Barton.

Scammers are also trying to stay ahead with artificial intelligence using deep fakes and chatbots to launch cyber attacks, which can scour the internet searching for passwords.

"If your passwords have been leaked to any of these lists (on the internet), something like a ChatGPT-based tool can get your password within a matter of seconds, and it's 100 per cent going to do it," Fazlon said.

Until you don't need a password, you're advised to make the ones you use longer, stronger and more complicated with a combination of characters. You should use different ones at least eight characters long for each service you have and change them every at least every three months. Top Stories

Rideau Hall apologizes for honouring Nazi veteran, Trudeau 'carefully' considering unsealing records

Rideau Hall is apologizing for the historic appointment of a man who fought for a Nazi unit in the Second World War, to the Order of Canada. Now, Gov. Gen. Mary Simon's office says it is examining two subsequent medals granted in the last two decades. This, as Jewish advocacy groups say the recent and resurfacing recognitions further make their case for the need to unseal Holocaust-related records.

Canada-India tensions: How we got here and what's at stake

In the past month, Canada has accused the Indian government of being involved in a murder on Canadian soil and India has ordered Canada to remove most of its diplomats from the country. Here's how the two countries got to this point, as well as what's at stake if tensions don't ease.

Stay Connected