Kaspersky has advised internet users in Pakistan to adopt stronger password practices after new research revealed that a large percentage of compromised passwords remain vulnerable to modern cyberattacks. The cybersecurity company shared recommendations focused on improving password complexity, uniqueness, and resistance to brute force and artificial intelligence driven attacks as concerns continue to grow over increasing password related security incidents worldwide.
According to Kaspersky’s latest analysis, modern secure passwords should contain at least 16 characters and include a random combination of letters, numbers, and symbols without repeating predictable patterns. The company also emphasized that users should maintain unique passwords for every online account instead of reusing the same credentials across multiple services. The advisory was based on an examination of 231 million unique passwords exposed in major password leaks between 2023 and 2026. Researchers identified several recurring behaviors among users that significantly weaken account security and increase vulnerability to automated attacks.
The study found that approximately 68 percent of analyzed passwords could be cracked within a single day using current attack methods. Researchers also observed that many compromised passwords either started or ended with a number, a predictable structure that makes brute force attacks more effective. Kaspersky further noted that internet trends and popular culture continue to influence password creation habits. One example highlighted in the report involved the term “Skibidi,” which reportedly appeared 36 times more frequently in leaked passwords during recent years as the online trend gained popularity. Security analysts warned that passwords based on trending words, familiar phrases, or predictable combinations remain highly vulnerable because attackers increasingly rely on intelligent algorithms trained to identify common user behaviors.
Kaspersky explained that while many online platforms now require passwords containing uppercase letters, numbers, and symbols, these requirements alone do not guarantee strong protection against evolving cyber threats. Researchers stated that advances in artificial intelligence have significantly improved password cracking capabilities, allowing attackers to identify predictable patterns even in longer passwords. According to the analysis, passwords with eight characters or fewer can generally be broken in under a day through brute force methods. More concerning for cybersecurity experts is the finding that over 20 percent of leaked passwords containing 15 characters were still vulnerable to AI powered attacks and could reportedly be cracked in less than a minute when they followed recognizable structures.
The company advised users to focus on randomness and uniqueness rather than relying solely on password length or mandatory symbols. Cybersecurity specialists also encouraged the use of password managers and multifactor authentication as additional layers of protection against account compromise. Industry observers note that password related breaches remain one of the most common causes of unauthorized access to personal, financial, and corporate accounts, particularly as cybercriminals increasingly adopt AI assisted attack tools to automate credential theft and account takeover attempts. Kaspersky stated that improving password hygiene and avoiding predictable credential patterns remain essential steps for reducing exposure to modern digital threats.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
