Most Common Passwords of 2020: Is Yours on the List?

Many people use simple and easy-to-remember passwords out of convenience. Keeping track of passwords for every website you visit can be frustrating, and the temptation to use one password for all accounts is always present. But giving in to that compulsion, whether intentional or not, can put you at risk of a cyberattack.

Research conducted by NordPass revealed 200 of the worst passwords still being used in 2020. In addition, the results also show how long it takes for a cybercriminal to crack the password, the number of users, and -even more worrying- how many times the password has been exposed.

At the top of the list of most popular passwords is ‘123456’, which is still being used by over 2.5 million people and has left them open to a cyberattack more than 20 million times. More than 50 passwords on the list consists solely of numbers, either going in order from one to nine, or using simple repetition such as ‘111111’ or ‘000000’. Other easy-to-guess passwords include swear words, names, and even pop culture references (if you thought, ‘starwars’ was difficult to guess then change it, you must).

The vast majority of these take less than a second for cybercriminals to crack, potentially leaving you and your business vulnerable to a threat.

Top 10 Most Common Passwords

  1. 123456
  2. 123456789
  3. picture1
  4. password
  5. 12345678
  6. 111111
  7. 123123
  8. 12345
  9. 1234567890
  10. senha


Take a moment look at your keyboard. Look how easy those passwords are to type in just by pressing the adjacent keys. The results from this study should be a wake-up call to those who are still relying on passwords like ‘qwerty123’ to protect sensitive information. Weak passwords are an easy target for hackers, one simple guess is all it takes to access all your data. If your password has made it on to the list, now is the time to change it and make it more secure. Luckily, creating a stronger defence against hackers is as simple as 1-2-3 (pun intended).


Creating a stronger password

Never reuse passwords across multiple accounts. Create a unique one for each account and make them long —anything shorter than 12 characters can be easily solved. Use a mix of upper- and lower-case letters, numbers, and symbols to significantly lower the risk of getting your passwords cracked. You should also get into the habit of changing your passwords at least every 90 days or implementing a multi-factor authentication method as an extra layer of security.

Another recommendation is to invest in a password manager, which generates strong, unique passwords and stores them securely in an encrypted ‘vault’ that only you can access. A password manager makes it easier to keep track of complex passwords without having to manually type them in every time.

As an extra measure of security, it may also be a good idea to check if your account has been caught up in a data breach using a database service.

About the author

Jessica joined RWA in 2018, having graduated with a First Class Honours degree in Film Studies. Her role as a content designer involves developing new and engaging e-learning modules as well as assisting in the creation of articles for Insight. 

Get RWA Insight In Your Inbox

Regular business news and commentary delivered direct to your inbox each week. Sign up here