Predictable passwords: which seasons and months are most common in compromised passwords?

(Last updated on February 1, 2021)

Summer reigns supreme among passwords. Today, on international #ChangeYourPasswordDay, Specops Software has released the latest breached password analysis data.

“There is an ongoing debate about whether passwords should be changed at regular intervals, since forcing users usually results in very predictable password selection patterns,” said Darren James, Product Specialist at Specops Software. “Today’s data set analysis reflects this very common human password behavior and underlines the importance of blocking such easy-to-guess passwords from being used in your network.”

Summer was found to be the most popular season when looking at a password set of over 800 million leaked passwords.


Our team discovered which month of the year was most popular in passwords. May topped the list across multiple languages – English, German (Mai), French (Mai); whereas Swedish and Spanish preferred July (Juli) and June (Junio) respectively.


The 800 million leaked passwords analyzed for these findings are a subset of the more than 2 billion compromised passwords found in Specops Breached Password Protection. The analysis looked at any password that contained seasons or months as part of a longer password.

“The debate around changing passwords is centered in the belief that passwords don’t ever need to be changed if you’re using a 3rd party breached password list,” said Darren James, Product Specialist at Specops Software. “While we of course advocate for the use of a list like that with Specops Breached Password Protection, the truth is that compromised password list attacks are not the only way attackers are attacking your network.”

The average time to discover a breach has occurred is 206 days, according to IBM.

“Changing passwords at regular intervals in addition to using a 3rd party breached list is one way we see IT admins mitigating against that fact,” continued James.

Specops Password Policy offers customizable password expiry settings including length-based password aging and custom email reminders. With Breached Password Protection, Specops Password Policy can also block the use of over 2 billion known compromised passwords.

Find out how many compromised passwords (like these) are in use in your environment by running a free read-only scan of your Active Directory with Specops Password Auditor.

About Specops Software

Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Every day thousands of organizations use Specops Software to protect business data.

Media Contact Aimée Ravacon, Specops Software, +46846501241
Aimee.ravacon@specopssoft.com

Back to Blog