Football fans looking to show their support for their nation at Euro 2020 have been warned not to let their passions leak into their cybersecurity practices.

Security firm Authlogics examined a database of over a billion recently-breached passwords, and found that a striking majority of users had football-themed login credentials.

A large amount of the passwords were simply a user’s favourite club, or a small variation on the team’s name – with the embarrassingly simple password “football” being used in over 350,000 occurrences.

Poor passwords

Authlogics’ report examined The Password Breach Database, a repository of over a billion unique clear text passwords that had been involved in recent breaches.

Delving into the database, the company found that over a million passwords were football-related, many of which severely lacking in detail or imagination, meaning they could easily fall prey to hackers or scammers.

Liverpool was found to be the favourite password for football fans, occurring 215,842 times, ahead of Chelsea (172,727), Arsenal (151,936) and Barcelona (131,090).

“This mind-boggling number of passwords associated with football poses an obvious problem,” Authlogics’ Kate Wotherspoon wrote in a blog post examining the findings. “These breached passwords are obviously insecure due to the breach itself, but they also speak to serious problems for other accounts owned by the compromised individuals.”

The company highlights that having such easy-to-guess passwords can also be a serious concern if users reuse the same one across multiple accounts. All it takes is one site or organisation to be compromised for hackers to potentially gain access to logins across all your other accounts.

The firm is now advising football fans to check the strength of their passwords immediately, and is encouraging the use of symbols or patterns in order to make sure login details are as strong as they can possibly be.