Password management company NordPass has urged the general public not to include people's names in their passwords.
Research released by the company found thousands of netizens worldwide are opting to protect their sensitive information with a password that includes a name.
According to NordPass, the name that cropped up most frequently in passwords is "Ashley." The company discovered that the gender-neutral moniker was used 94,557 times to protect sensitive data.
The second most common name, used 78,914 times, was the similarly gender-neutral "Charlie." The third and fourth most popularly used names, employed 71,035 times and 64,992 times respectively, were Michael and Nicole.
Other gender-neutral names that featured heavily in passwords were Jordan—used 58,698 times—and Taylor, which appeared 46,375 times.
Traditionally gender-specific names commonly used in passwords included Jessica, Hannah, Michelle, Daniel, Justin, and Joshua.
The names correspond quite well with the US Social Security Administration's list of 100 most popular given names for babies born from 1919 to 2018. For example, Ashley ranks 17th, Michelle ranks 21st, and Nicole ranks 39th on the list of names for girls. For boys, Michael ranks 4th, Charles ranks 10th, and Jordan comes in at 83rd.
Passwords based around names are easier for cyber-criminals to crack as the combination of characters is more predictable.
According to the Department of Homeland Security, "most people use passwords that are based on personal information and are easy to remember. However, that also makes it easier for an attacker to crack them."
Ruby Gonzalez, head of communications at NordVPN, said people's names were just one on a list of things that should be avoided when choosing a password.
“While choosing your own, your girlfriend’s, or daughter’s name as a password might seem a good idea as you’ll never forget it, it’s also a great way to make a hacker's job easier. As it’s a very obvious choice, the victim’s or their relative’s name will be one of the first options hackers will try,” says Ruby Gonzalez, head of communications at NordVPN.
“People also shouldn’t use any other obvious choices, such as their address, favorite band, sports team, pet's name, the word 'password,' and any alternations of it.”