World’s Worse Passwords Revealed By NordPass

The issue of weak password security has raised its ugly head again, after research from password manager NordPass listed the world’s passwords used in 2020.

And its research makes for grim reading for security professionals, due to the fact that of the 200 worst passwords, “123456” was listed (again) as the most commonly used of 2020.

To make matters worse, a staggering 2.5 million people chose this password, which according to NordPass can take less than a second to crack.

Weak passwords

NordPass conducted its research by examining a database containing 275 million passwords.

It found that top 10 most common passwords were as follows:

  1. 123456
  2. 123456789
  3. picture1
  4. password
  5. 12345678
  6. 111111
  7. 123123
  8. 12345
  9. 1234567890
  10. senha (which is Portuguese for ‘password’)

Most of the passwords on this above listed can be cracked within seconds, the firm warned.

“According to research, the majority of people use simple and easy-to-remember passwords, because it’s convenient,” said NordPass. “But the problem is that most memorable passwords are highly vulnerable to cracking.”

The NordPass research also revealed that last year the password “onedirection” came 184th on the list. But this year, it didn’t make the top 200 list at all.

“Ashley” was the most popular name used as a password last year (26th place). But in 2020, not only did it drop to the 31st position, but was also beaten by “aaron431” (18th place), which became the most popular name for a password.

And the research found that less than half of the passwords (78 of them) were new to the 2020 “most popular” list.

Strong passwords

NordPass recommends that people avoid using dictionary words, number combinations, or strings of adjacent keyboard combinations. For example, “password”, “qwerty”, or “123456” are terrible passwords, as they are too easy to crack.

Also, people are advised to refrain from repetitive characters, such as “aaaa” or “123abc”, and under no circumstances choose passwords based on personal details that might not be completely confidential, such as your phone number, birth date, or name.

The best way to create strong passwords is to never reuse passwords across multiple accounts.

NordPass says people should create a unique one for each account and make them long – don’t settle for anything shorter than 12 characters, even more if possible. Throw in a mix of upper- and lower-case letters, numbers, and symbols to significantly lower the risk of getting passwords cracked.

And it advises people to change their passwords at least every 90 days, and maybe consider using a Password Generator to generate robust passwords, or use a password manager to avoid ‘password fatigue’.

Long running problem

Despite this advice, it seems that people rarely change their insecure password practices.

In 2014 for example Silicon UK reported on research that found that “password” was no longer the most popular password on the Internet, having being displaced by the ludicrous “123456”.

Six years on and it remains the most popular worse password.

In 2019 the National Cyber Security (NCSC) published its ‘UK cyber survey’ and revealed the most hackable passwords that people were still using.

It found that 23.2 million people still use “123456” as their password. 7.7 million people use “123456789” and 3.6 million people use “password” as their password.

And the NCSC also found that people are still using very easy to guess passwords, with the top ranking passwords used being names of football teams (i.e liverpool), musicians (blink182), and fictional characters (superman).

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

9 hours ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

13 hours ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

14 hours ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

1 day ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

1 day ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

1 day ago