123456 most 'leaked' password in Vietnam: ministry

By Luu Quy   July 14, 2022 | 05:18 pm PT
123456 most 'leaked' password in Vietnam: ministry
A person types a password into a laptop. Illustration photo by Shutterstock
‘123456’ was among the most leaked passwords in Vietnam, with over 3.4 million uses last year, posing a cybersecurity risk that hackers can exploit, the information ministry said.

At a conference on password-less authentication Wednesday, Nguyen Thanh Phuc, head of the organized by the Authority of Information Security (AIS) under the Ministry of Information and Communications , said 42.1 million passwords by Vietnamese were leaked in 2021.

The most common password among these was "123456", which was used over 3.4 million times, he said, citing a report by NordPass.

Phuc said it was a worrying scenario, considering how many human activities happen online nowadays. Around 80 percent of data leakage incidents have to do with weak passwords, he said, citing a 2021 report by Verizon.

Vietnam is among the top target countries for cybercriminals, Phuc said. Within the first half of this year, the AIS had dealt with 506 websites masquerading as finance and banking organizations, helping prevent 1.5 million Internet accesses to such fraudulent websites, he added.

"When everything can happen online, the risk of registration info being stolen is always present through security vulnerabilities, password usage patterns and scams," Phuc said.

With current advancements in computational capacity, algorithms used to protect passwords could be breached very quickly.

Passwords also require users to actually remember them across multiple devices, and password management also imposes costs on organizations and businesses. A large organization would need to spend around a million U.S. dollars a year on average for password management personnel and infrastructure, Phuc cited a report by Forrester as saying.

Therefore, Vietnam needs to develop password-less authentication methods as a solution to the problem, he said. Different methods of password-less authentication include biometric authentication (fingerprints, for instance) and the use of physical keys.

"Authentication methods using usernames and passwords are gradually being replaced by password-less authentication," said deputy information minister Nguyen Huy Dung, adding that this was becoming a global trend.

go to top