Passwords play a crucial role in safeguarding personal information, but many users continue to opt for easily hackable and uncreative choices, according to NordPass’ annual list of common passwords. The analysis, conducted in collaboration with independent researchers, involved examining 4.3 terabytes of publicly available data from 35 countries across eight different platforms. Importantly, no personal data was accessed during this process.
The findings shed light on the lack of diversity and complexity in users’ password choices. Here are some key takeaways:
- Numerical Strings Dominate: The most common password, “123456,” was identified over 4.5 million times and can be cracked in less than a second. “Admin” is another easily cracked password, appearing over 4 million times.
- Common Numeric Sequences: Users often rely on predictable numeric sequences like “1234,” “12345678,” and “123456789” for their passwords, which offer minimal security.
- Words as Passwords: Some users opt for simple words like “password,” which, despite its ubiquity, can be cracked in less than a second. Surprisingly, the password “UKNOWN” takes 17 minutes to crack.
- Minimal Creativity: Even passwords that appear more complex, such as “P@ssw0rd,” are cracked in less than a second and were found 135,424 times.
- Letter Sequences: The keyboard’s top-line letter sequence, “qwertyuiop,” was counted 79,434 times as a password and can also be cracked in less than a second.
NordPass also highlighted regional variations in password choices. In the United States, passwords like “123456,” “password,” and “admin” remain prevalent. Notably, the 16th most common password is “sh**bird,” counted 4,230 times, requiring five minutes to crack.
Moreover, NordPass noted that different platforms influence password habits. For e-commerce sites, the fourth most common password is unsurprisingly “amazon.” Streaming platforms, however, exhibit the least secure passwords compared to other websites, with “netflix” being a popular choice.
While technology is advancing to make passwords more secure, the threat of malware attacks persists. NordPass recommends creating robust passwords with at least 20 characters that include a mix of upper and lower case letters. Users are advised to avoid easily guessable information like birthdays and to create distinct passwords for various platforms to enhance online security.