Kaspersky’s latest password study revealed a simple pattern: over half of leaked passwords end with numbers. he analysis of 231 million leaked credentials shows how predictable patterns make it easier for attackers to crack accounts.
Most users append simple sequences like “1234,” birthdays, or years to their passwords. This practice creates weak combinations that brute force and AI‑driven tools can break in minutes. Even longer passwords lose their strength when they follow obvious structures.
The report also found common use of keyboard shortcuts like “qwerty” and trending words from internet culture. Positive words such as “love” and “angel” appeared more often than negative ones, showing how personal preferences influence password choices. But regardless of sentiment, predictable endings remain the biggest weakness.
Kaspersky warns that these habits make passwords highly vulnerable. The company recommends using long, random passphrases with symbols and intentional misspellings.
Avoid placing digits at the start or end, and skip common substitutions like “@” for “a.” Enabling two‑factor authentication (2FA) and using password managers add extra protection.
Also Read: Most passwords can be cracked in under 24 hours, says study
The takeaway: numbers at the end of passwords may feel convenient, but they’re also the easiest to guess. Attackers are now using AI, so stronger password practices are no longer optional.
