Millions of Keyboard Walk Patterns Found in Compromised Passwords


Today, the Specops Software research team revealed its latest findings on the use of keyboard walk patterns in compromised passwords. The top keyboard walk pattern found in compromised passwords was ‘qwert’, followed by ‘qwerty’, which was found in compromised passwords more than 1 million times.

Keyboard walk patterns are passwords composed of keys that are located next to each other on the user’s keyboard.

The Specops team analysed an 800 million password subset of the largest Breached Password Protection database, which includes over three billion breached passwords.

To carry out the research, the Specops research team used a generator to create a list of common keyboard walk patterns. The Specops team only looked for patterns that included 5 characters or more, as well as phrases that occur outside of ‘normal’ language.

The words generated came from three common (Latin alphabet) keyboard layouts:

  1. Qwerty: common in America and many regions across Europe (with slight modifications)
  2. Azerty: mostly used in France and Belgium
  3. Qwertz: widely used in Germany and Central European countries

The top Qwerty keyboard walk pattern found in compromised passwords was qwerty, which was found over 1 million times. This was followed by qwert, werty and asdfg.

The top three Azerty keyboard walk patterns found in compromised passwords were xcvbn (found over 143,000 times), asdfg, and tress.

Similarly, the top three Qwertz keyboard walk patterns found in compromised passwords were qwert (found over 1.4 million times), asdfg, and xcvbnm.

“We find keyboard walk patterns in compromised password data because users are human,” said James. “But the danger is that attackers also know this. Any IT team looking to shore up their defences against this particular prevalent password behaviour would be smart to block these specific patterns. Smarter IT teams would go further and make sure to block the use of any known compromised password.”
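A password-policy check in the spirit of that blocking advice, as an added example (not Specops code, and not the generator used in the research): it flags any run of 5 or more keys taken in one direction along a single letter row of the three layouts listed above. The row strings, the function names and the restriction to same-row walks are assumptions of this example.

```python
# Letter rows of the three layouts named in the article (assumed; number and
# symbol rows are left out, so only letter walks are detected).
LAYOUTS = {
    "qwerty": ["qwertyuiop", "asdfghjkl", "zxcvbnm"],
    "azerty": ["azertyuiop", "qsdfghjklm", "wxcvbn"],
    "qwertz": ["qwertzuiop", "asdfghjkl", "yxcvbnm"],
}
MIN_WALK = 5  # the research only counted patterns of 5 characters or more


def longest_walk(password, layout):
    """Longest substring typed by moving one key at a time, in a single
    direction, along one row of the given layout (case-insensitive)."""
    pos = {ch: (r, c)
           for r, row in enumerate(LAYOUTS[layout])
           for c, ch in enumerate(row)}
    pw = password.lower()
    best, start, direction = "", 0, 0
    for i in range(1, len(pw)):
        a, b = pos.get(pw[i - 1]), pos.get(pw[i])
        # step is +1/-1 for side-by-side keys on the same row, otherwise 0
        step = b[1] - a[1] if a and b and a[0] == b[0] else 0
        if abs(step) != 1:
            start, direction = i, 0          # not neighbours: restart here
        elif direction and step != direction:
            start, direction = i - 1, step   # walk reversed: new run
        else:
            direction = step
        if i - start + 1 > len(best):
            best = pw[start:i + 1]
    return best


def find_keyboard_walks(password):
    """Return {layout: walk} for every layout on which the password contains
    a walk of MIN_WALK or more keys; an empty dict means none was found."""
    hits = {}
    for layout in LAYOUTS:
        walk = longest_walk(password, layout)
        if len(walk) >= MIN_WALK:
            hits[layout] = walk
    return hits


if __name__ == "__main__":
    # Constructed candidate passwords, not taken from any breach data.
    for candidate in ["Qwerty2023!", "xcvbn", "ytrewq1", "correct horse"]:
        print(candidate, "->", find_keyboard_walks(candidate) or "no walk")
```

A password filter would reject a candidate whenever `find_keyboard_walks` returns a non-empty result, in addition to checking it against a list of known compromised passwords.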

To protect against breached passwords, Specops suggest using tools that scan for compromised passwords within an organisation.

Earlier this year, Specops released the 2023 Weak Password Report, which found that 83% of compromised passwords satisfy the password length and complexity requirements of regulatory password standards.


