The research team at Specops Software recently published findings on the most common keyboard walk patterns found in compromised passwords. The team analysed an 800 million password subset of the Breached Password Protection database, which contains over three billion breached passwords.
Keyboard walk patterns refer to passwords that consist of keys located adjacent to each other on a user’s keyboard. To conduct their research, the Specops team employed a generator to compile a list of common keyboard walk patterns. They specifically focused on patterns comprising at least five characters, as well as phrases that diverged from conventional language usage.
The generated words primarily originated from three prevalent keyboard layouts based on the Latin alphabet:
Qwerty: Widely employed in America and various European regions, albeit with slight modifications.
Azerty: Predominantly used in France and Belgium.
Qwertz: Widely adopted in Germany and Central European countries.
“Keyboard walk patterns are yet another predictable password behaviour,” said Darren James, Senior Product Manager at Specops Software. “Users are human and are motivated to create passwords that are easy to remember. This research shows us just how common strolling along the keyboard is as a tactic for creating memorable passwords.”
Among compromised passwords, the most frequently encountered Qwerty keyboard walk pattern was “qwert,” surpassing one million instances. Following closely was “qwerty,” observed in compromised passwords over one million times, followed by “qwertz,” “werty,” and “asdfg.”
In terms of Azerty keyboard walk patterns found in compromised passwords, the top three were “xcvbn” (discovered over 143,000 times), “asdfg,” and “tress.”
Similarly, among Qwertz keyboard walk patterns, the leading three were “qwert” (found over 1.4 million times), “asdfg,” and “xcvbnm.”
Darren James continues: “We encounter keyboard walk patterns in compromised password data due to the inherent human nature of users. Unfortunately, attackers are also aware of this behaviour. Any IT team seeking to fortify their defences against this prevalent password practice would be wise to block these specific patterns. Furthermore, more astute IT teams should go a step further and ensure the prohibition of any known compromised passwords.”
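One way an IT team could screen new passwords for the keyboard walks described above, as an added example that is not from Specops or the original article. It assumes simplified letter-row maps of the three layouts, applies the five-character minimum used in the research, and goes slightly beyond the row-wise patterns listed by also counting diagonal neighbours and repeated keys.

```python
# Added example: letter rows only, simplified layout maps (assumption).
LAYOUTS = {
    "qwerty": ["qwertyuiop", "asdfghjkl", "zxcvbnm"],
    "azerty": ["azertyuiop", "qsdfghjklm", "wxcvbn"],
    "qwertz": ["qwertzuiop", "asdfghjkl", "yxcvbnm"],
}
MIN_WALK = 5  # the research only counted patterns of five or more characters


def build_adjacency(rows):
    """Map each key to itself plus its physical neighbours (staggered rows)."""
    pos = {ch: (r, c) for r, row in enumerate(rows) for c, ch in enumerate(row)}
    adj = {}
    for ch, (r, c) in pos.items():
        # Same key, left/right, two keys above, two keys below.
        cells = {(r, c), (r, c - 1), (r, c + 1),
                 (r - 1, c), (r - 1, c + 1), (r + 1, c - 1), (r + 1, c)}
        adj[ch] = {k for k, p in pos.items() if p in cells}
    return adj


ADJ = {name: build_adjacency(rows) for name, rows in LAYOUTS.items()}


def longest_walk(password):
    """Return (length, substring, layout) of the longest keyboard walk."""
    pw = password.lower()
    best = (0, "", None)
    for name, adj in ADJ.items():
        start = 0
        for i in range(1, len(pw) + 1):
            # A walk ends at the end of the string or on a non-adjacent step.
            if i == len(pw) or pw[i] not in adj.get(pw[i - 1], ()):
                if pw[start] in adj and i - start > best[0]:
                    best = (i - start, pw[start:i], name)
                start = i
    return best


def is_keyboard_walk(password, min_len=MIN_WALK):
    """True if the password contains a walk of at least min_len keys."""
    return longest_walk(password)[0] >= min_len
```

A check like this complements, and does not replace, a lookup against known compromised passwords.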