Liverpool or Chelsea as Passwords Can't Save You From Fraud

(Bloomberg) -- British football fans should be wary of rooting for their team by making them a password.

Liverpool, Chelsea, Arsenal, Manchester United and Everton are all passwords that have been compromised hundreds of thousand of times, according to research published by the National Cyber Security Centre (NCSC) on Sunday. Using numbers is even riskier, especially if it’s 123456. The study revealed that the number series was the most cracked password, with 23.2 million people worldwide having experienced a breach.

“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words,” said Ian Levy, the centre’s technical director. “Use words memorable to you, so people can’t guess your password.”

If a fictional character is your idea of a memorable word, you may wish to reconsider since Pokemon and Tigger together accounted for over 500,000 breaches while pop stars’ names such as 50cent or Eminem fell victim 350,000 times.

The five Premier League teams combined accounted for over three quarters of a million breaches, according to the study.

The NCSC also published its first U.K. cyber survey, which revealed that 70 percent of Britons believe they will be a victim of cyber-crime over the next two years, with 42 percent expecting to lose money to online fraud by 2021. Only 15 percent of those surveyed felt they knew enough about how to protect themselves from harmful online activity while one in three relied on friends and family to help.

Young people seemed more likely to be privacy-conscious and careful when it came to what details they shared online.

The NCSC hosts the CYBERUK 2019 conference in Glasgow this week, aiming to improve online safety.

To contact the reporter on this story: Michael Msika in London at mmsika4@bloomberg.net

To contact the editors responsible for this story: Sonali Pathirana at spathirana@bloomberg.net, Steve Geimann

©2019 Bloomberg L.P.