A new cybersecurity study has revealed a frightening reality for internet users worldwide: 68% of passwords can be cracked within a day. The report, published by Kaspersky, analysed 231 million leaked passwords collected between 2023 and 2026 and uncovered alarming trends in how people create passwords online.
The findings show that many users still rely on weak and predictable password habits, making it easier for hackers to break into accounts using brute-force and AI-powered attacks. Experts warn that even passwords following basic security rules are no longer enough to guarantee protection.
Common Password Habits Making Accounts Vulnerable
According to the research, most compromised passwords either start or end with numbers. Around 53% of analysed passwords ended with digits, while 17% began with them. Simple combinations like “1234” and keyboard patterns such as “qwerty” remain among the most frequently used choices.
The report also found that many people use emotional or trendy words in their passwords. Positive words like “love”, “magic”, “angel”, and “star” appeared repeatedly in leaked passwords. Internet trends are also influencing password choices, with the word “Skibidi” increasing dramatically in usage over recent years.
Why Weak Password Patterns Are Dangerous
Cybersecurity experts say predictable symbols and number placements make passwords easier to crack. The “@” symbol was the most commonly used special character, appearing in 10% of leaked passwords.
Alexey Antonov explained that cybercriminals use smart algorithms that can quickly guess common password structures. When users rely on familiar patterns, attackers need far less time to gain access to accounts.
AI-Powered Attacks Are Changing Cybersecurity
The report also highlighted the growing role of artificial intelligence in cyberattacks. Traditionally, longer passwords offered stronger protection. However, modern AI tools can now crack over 20% of 15-character passwords in less than a minute.
Short passwords containing fewer than eight characters are especially vulnerable and are often broken within hours through brute-force attacks.
How Users Can Create Stronger Passwords
Cybersecurity specialists recommend using randomly generated passwords with a mix of uppercase letters, lowercase letters, numbers, and uncommon symbols. Password managers and dedicated password generators are considered the safest options for creating secure credentials.
Experts also advise avoiding names, dates, trends, and keyboard sequences in passwords, as these remain the first combinations hackers attempt during attacks.
The latest findings from Kaspersky serve as a serious warning for internet users everywhere. With 68% of passwords able to be cracked within a day, relying on predictable patterns is becoming increasingly risky. As AI-driven cyber threats continue to evolve, creating strong and unique passwords is now more important than ever for protecting personal and financial information online.
