10 most common passwords to avoid in 2023
These are the passwords hackers look to exploit
Online authentication is still dominated by passwords, but passkeys could eventually replace them. However, it is important to note that there are good and bad passwords. Fortunately, companies like NordPass regularly release lists of commonly used passwords to help users avoid them.
NordPass recently published a list of 200 common passwords, categorized by country or overall usage, along with the estimated time it takes hackers to crack them. Unsurprisingly, "password" topped the list, followed by "123456" and "123456789".
What's in the numbers?
The NordPass team worked closely with cybersecurity experts to compile a list of the most dangerous passwords currently used worldwide. The analysis was based on a 3-terabyte database of passwords, and while some of the results may be surprising, it’s not unexpected which passwords are near the top of the list.
When compiling its research, NordPass looked at common passwords in 30 countries. and even broke them down by gender.
The top 10 most common passwords worldwide are:
- "password," guessed in less than one second, used by nearly 5 million people.
- "123456," less than one second, 1.5 million
- "123456789," less than one second, 413,000+
- "guest," 10 seconds, 376,000+
- "qwerty," less than one second, 309,000+
- "12345678," less than one second, 284,000+
- "111111," less than one second, 229,000+
- "12345," less than one second, 188,000+
- "col123456," 11 seconds, 140,000+
- "123123," less than one second, 127,000+
Behind the passwords
According to NordPass, current events sometimes play a role in password generation. It notes, forever, that "tinder" is a very popular password on ... Tinder. Terms like "batman," "encanto," and were also used that represent two popular movies and a successful HBO TV series, respectively.
Additionally, users often turn to other familiar topics to choose passwords. These include sports teams, food items, swear words, shopping brands, and video games.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In the United States, "guest," ranked No.1, followed by "123456." In the United Kingdom, the top two reflected the world's top selections, "password," and "123456."
Naturally, some passwords on the top 200 lists are regional ones such as "liverpool," "amour," and "basketball," while still others are combinations of two bad passwords like "qwerty123," "123qwe," "password1," and "abcd1234."
Among the strangest common passwords that made the list are "killer,"
A good rule of thumb: if your password(s) are on the NordPass list, it's probably best to change it to lower your risk of problems.
Selecting a better password
Rather than using a common password, consider enlisting a password manager. These tools, many of which are free, have various benefits starting with adding convenience. Many popular password managers have the ability to automatically input your login credentials for websites and passwords. This feature saves you time and eliminates the inconvenience of logging in.
Additionally, password managers are proficient at creating robust and unique passwords that are much harder for hackers to crack. With password managers being available on various platforms, you no longer need to remember or jot down your passwords.
Even if you choose not to use a password manager, NordPass offers suggestions for crafting them, including:
- Using the same password for multiple accounts can make it easier for hackers to gain access to all of your accounts. If even one account is compromised, all of your other accounts are put at risk. It’s important to use unique passwords for each account to increase security.
- It’s important to periodically review your accounts and determine which ones you still actively use and which ones you no longer need. Neglected accounts can pose a security threat as you may not be aware if they are compromised.
- It is important to consistently evaluate the strength of your passwords. Recognize any passwords that are weak, reused, or outdated, and enhance your online safety by creating new, intricate passwords.
You might also be interested in the best internet security suites and the best secure browsers.
Bryan M. Wolfe is a staff writer at TechRadar, iMore, and wherever Future can use him. Though his passion is Apple-based products, he doesn't have a problem using Windows and Android. Bryan's a single father of a 15-year-old daughter and a puppy, Isabelle. Thanks for reading!