Most people occasionally wonder what the most frequently used passwords are. Such a list would satisfy their curiosity about the way others choose their passwords, but also let them know if theirs are too simple or easy to guess. If so, that leaves them open for an easy account breach, especially if the same simple password is reused elsewhere identically or with small variations. We, and a plethora of other companies and researchers, don’t want that to happen. We urge everyone to create complex, unique passwords and keep them safe. Therefore, we will go over the most common passwords and the psychology behind them.
Where do lists of most used passwords come from?
Lists of commonly used passwords come from reports by companies or independent researchers. Passwords are never tied to usernames, personal information, or e-mail addresses, and are only shown as collectively compiled data. They may release information yearly or after catastrophic events such as data leaks to mitigate damage. Additionally, they often break data down into information on country of origin, gender, age, and approximate time required to crack it.
Who benefits from knowing regularly used passwords?
Users benefit from learning what the most frequent passwords are the most. That lets them know if they’re unknowingly putting themselves at risk by following a pattern or not using intricate passwords. They also get suggestions on how to change their password-choosing methodology. Companies and researchers that provide information on passwords also benefit by drawing donations from companies seeking to protect their users or even offer cybersecurity solutions. Finally, both hackers and well-intentioned password-cracking algorithms and software developers gain insight into users’ password-picking habits.
Top 30 common passwords used in 2022
Here’s a NordPass.com list of the 30 most common passwords in 2022 for all countries:
The full analysis contains the 200 most predominantly used passwords in 2022 and shows that millions of users use the same ones. The bigger the count (the number of passwords within the 3 TB of analyzed data), and the shorter the cracking time, the more urgent a password change is. Other sources such as SplashData, National Cyber Security Centre (NCSC), and Keeper have also published rundowns of the worst passwords to utilize. Although some passwords are a tad outdated, the psychology of picking passwords remains the same. Additionally, we compiled a list of 150+ Wi-Fi passwords you shouldn’t use, and some intersect.
What are the most frequent things in passwords?
The fact that your password doesn’t match a password on the list of common passwords doesn’t necessarily make you safe. The research showed patterns users tend to follow, and if you’re one, your password will be cracked sooner or later. Users tend to enter familiar or convenient things that are easy to remember, but also simple to crack. The most frequent things used in passwords are:
1. Organized or handy numbers
As the list of 30 most commonly used passwords shows, users love using numbers such as 123, 123456789, 123123, 987654321, 111111, 00000, 66666, and 55555. These are easy to type, effortless to remember, and universally present on mobile, desktop, and virtual keyboards, making them a straightforward choice. However, brute force attacks are especially effective at cracking these passwords. Things get worse if they follow some order: ascending, descending, odd and even numbers intertwining, and so on.
2. Intuitive or convenient words
Because ‘password’, ‘password1’, ‘password123’, ‘default’, ‘qwerty’, ‘quertyuiop’, ‘azerty’, ‘welcome’, ‘guest’, ‘asdasd’, ‘iloveyou’, or ‘ghfjkm’ are most widely used passwords worldwide in 2022, they are the most dangerous. They are simple to remember and convenient to type but easily guessed. Brute force programs can crack them under a second, and these are the first thing hackers try.
3. Names or personal information
Names are another thing people use, whether theirs, that of a loved one, pet, or famous one. Research showed that United States residents frequently used names such as Jordan, Hunter, Michael, Anthony, and Maggie. Similarly, Daniel, Jordan, Michael, Jessica, and Marina are commonly utilized names in passwords across the globe.
That applies to names of fashion brands, pets, products, services, artists, movies, cars, food, music groups, or video games. Therefore, research noticed team names such as Detroit Red Wings and Boston Red Sox, brand names such as Aldo, Tiffany, Nike, Gap, Adidas, Zara, and Puma, singers such as Pink, Gaga, Miley, and bands such as Metallica, U2, and Queen in users’ passwords in 2022. Using any represents a quick way to get your account overtaken. Similarly, you shouldn’t use your address, date of birth, or other individual information. Adding the numbers we mentioned above makes the password more complex, but still weak.
4. Pop culture or seasonal trends
Password data analysts also noticed people change passwords based on trends in pop culture or seasons of the year. For instance, ‘Kia’, and ‘Ford’ become prevalent in passwords when those cars are popular. Moreover, people seem more likely to choose season-based events such as ‘Superbowl’ or ‘winter’ when those are in full swing.
What should I do if my password is listed as common?
You should do the following things if your password is listed as common on any list:
1. Change your password immediately
The most important thing to do is to change passwords on affected accounts. If you think you’re in immediate danger or notice suspicious logins or your name in a data leak collection, consider changing it straightaway to anything else. Now that you have the time to think (or if you want to skip that step), pick a password that meets all the requirements below.
2. Pick a strong password you can remember
We went over the rules for creating a strong password. In short, it should be the opposite of the list above—unique to each account, not easily guessed, not in a sequential or simple digit order, and unrelated to you or a word in the dictionary. Make it long and varied, e.g., include symbols. However, do not replace letters with numbers, also known as “l33tspeak”. Such a random password would be hard to memorize, hence we have a guide on easily remembering passwords.
3. Develop an excellent password hygiene
Once your password is safe and complicated to crack, adhere to the best password management practices, such as:
- Don’t reuse passwords
- Use multi-factor authentication
- Update your passwords regularly, e.g., every few months
- Never get tempted to use simple passwords again
- Employ a password manager tool