Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Are you using one of these passwords? If so, it’s time for a change

The most common passwords used in 2021 have been revealed, and to call them an embarrassment would be an understatement to say the least.

According to a new report from NordPass, a service that provides a password manager program, a worrying amount of users still rely on extremely weak passwords.

Passwords locked on Mac.
Image used with permission by copyright holder

The top 200 most common passwords of 2021 study, covering 50 countries, reveals that “123456” remains as the most popular password for the second year running. More than 103 million people use it for log-in purposes, even though it’d take less than a single second to crack it.

Recommended Videos

Other frequently used passwords within the top 10 list largely consist of number-based passes like “123456789,” which is utilized by 46 million individuals. The only two that don’t contain a numerical form are “qwerty,” and of course, “password.” They’re applied by 22.3 million and 20.9 million users, respectively. 

When it comes to other bad password choices, a “stunning” number of people opted to make their own names as their preferred password. Elsewhere, Ferrari and Porsche are the most popular car brands in regard to weak passwords.

Unfortunately, passwords keep getting weaker, and people still don’t maintain proper password hygiene.

While the vast majority of the top 200 most common passwords can be cracked in less than a second — or a few seconds in some cases — there are some that would take considerably longer to gain access to. “1g2w3e4r” and “gwerty123,” both used by a million people, would take three hours to crack. Interestingly, removing the “123” from “gwerty” makes it a much easier target, as it’ll only take five seconds to crack.

Rounding out the passwords in the list that’ll take between 1-3 hours to penetrate are “michelle,” “jennifer,” “myspace1,” and “zag12wsx.”

NordPass’s methodology for forming its research involved working with independent researchers who specialize in the cybersecurity incident research field. The most common password list was compiled via an evaluation of a 4TB database containing leaked passes.

“Unfortunately, passwords keep getting weaker, and people still don’t maintain proper password hygiene,” Jonas Karklys, CEO of NordPass told Lifewire. “It’s important to understand that passwords are the gateway to our digital lives, and with us spending more and more time online, it’s becoming enormously important to take better care of our cybersecurity.”

Fixing the problem

So, how does one go about adding additional layers of security that will better protect their passwords? It goes without saying that no one should use “123456” as their entry point for any account — or any of the passwords in the aforementioned report for that matter. Password managers have become commonplace and are usually a reliable resort, while two-factor authentication should also be considered as another safety measure.

When factoring in their security deficiencies, passwords, in general, are naturally the most common target for hackers. In fact, 81% of hacking-related breaches are achieved through weak or stolen passwords.

“The single most common security vulnerability today is still bad passwords.”

“Weak passwords are the entry point for the majority of attacks across enterprise and consumer accounts. There are a whopping 579 password attacks every second — that’s 18 billion every year,” Microsoft detailed in September.

Apple, meanwhile, has integrated a newer form of tech into its devices through iCloud Passkey, which effectively gets rid of passwords and offers a more secure process via Public Key Cryptography.

Apple joins both Microsoft and Google in envisioning a future for passwordless authentication. Software giant Microsoft, for one, has already seen more than 200 million users enabling passwordless login for its services.

“The single most common security vulnerability today is still bad passwords,” Jen Fitzpatrick, senior vice president of core systems at Google, stated in May. “Ultimately, we’re on a mission to create a password-free future.”

Zak Islam
Former Computing Writer
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Password managers are the new target for hackers
Person using laptop with security graphics in front.

Password managers are one of the most effective ways internet users keep their online lives in order. Many popular services include 1Password, LastPass, and NordPass, which can be used for storing and generating passwords, and recalling login credentials.

However, while you may think your passwords are secure with these platforms, cybercriminals are getting more sophisticated with their methods of hacking password managers and getting access to your digital information.

Read more
Sticky Password vs. Enpass: best one-time purchase password managers
Sticky Password and Enpass pricing appears in a split-screen on a PC monitor.

Sticky Password and Enpass are two leading password managers that offer one-time purchase options. Passkeys have the potential to eliminate the need for passwords, but there are plenty of online accounts that lack passkey support.
The bottom line is you still need a great password manager to streamline account access, protect your logins from hackers, and simplify sharing accounts with family and friends.
Tiers and pricing
Sticky Password has a low-cost annual subscription, a lifetime plan, and a free version. Sticky Password

The price isn’t the only detail that matters when choosing a password manager but a single payment option is hard to beat. Sticky Password’s lifetime plan sells for as low as $40, which is less than an annual subscription to Dashlane. Of course, Dashlane includes a premium VPN to help offset the expense.

Read more
If you use one of these passwords, hackers will love you
Username and password on a tablet screen.

You would think that at this point, people would be using stronger passwords. Sorry to disappoint you, but according to NordPass' annual list of the world's most popular passwords, the unoriginal choices are a letdown.

123456 is the back-to-back champ for the most common and easiest password. But on the bright side, at least "password" doesn't have the No. 1 spot like it did in the past. The remaining top spots go to passwords such as:

Read more