Study reveals top 20 most used passwords; 83% can be cracked in a second

Michael Potuck | May 2 2023 – 6:48 am PT

Ahead of World Password Day on May 4, NordPass has released a report showing that “password habits die hard” with a list of the most used passwords in the US and 29 other countries. For the US, many of the usual suspects are on the list, however, this time around “123456” is no longer the most popular password. The study also found 83% of these passwords can be cracked in “less than a second.”

For its study, NordPass says it evaluated over 3TB worth of data with the help of independent researchers to determine the top 200 most used passwords in 30 different countries.

The company notes that “despite growing cybersecurity awareness, old habits die hard. The research shows that people still use weak passwords to protect their accounts.”

The report actually includes the 200 most used passwords for each country, below we’ve got the top 20 in the US. And here are the four major takeaways:

• • “guest” beat out “123456” to be the most popular password among Americans in 2022.

• • Simple combinations of letters, numbers, and symbols, such as “a1b2c3,” “abc123,” or “qwerty,” are highly popular in the US.

• • When creating passwords, people tend to draw inspiration from cultural experiences, lifestyle trends, or recent events, be it sports or fashion. For example, American professional sports team names (i.e., Detroit Red Wings, Boston Red Sox,) or variations of them make extremely popular passwords.

• • 83% of the world’s most common passwords can be cracked in less than a second.

Top 20 most common passwords in the US 

1. guest
2. 123456
3. password
4. 12345
5. a1b2c3
6. 123456789
7. Password1
8. 1234
9. abc123
10. 12345678
11. qwerty
12. baseball
13. football
14. unknown
15. soccer
16. jordan23
17. iloveyou
18. monkey
19. shadow
20. g_czecho

Password checkup tips

Last month we got an idea of how strong password-cracking tools are becoming with the latest AI. Even if you have strong password habits, it’s never a bad idea to do an audit and it’s always helpful to remind less tech-savvy friends and family to:

• • Use 2FA/MFA (non-SMS-based whenever possible)

• • Check your password manager for alerts about compromised or reused passwords (don’t use the same password across different accounts)

• • Use auto-generated passwords as long as possible

• • Update passwords regularly, especially for sensitive accounts

• • Refrain from using public WiFi, especially for banking and similar accounts

Source: https://9to5mac.com/2023/05/02/most-used-passwords-report/