Here are the most common passwords in the world. Check if yours is on the list.

At 22, Cristina Chipurici was running the internet’s most popular music blog. One day, when she woke up and logged into her computer, she found that a former employee had cracked her Gmail password, deleted her blog’s entire database containing thousands of articles, hacked her social media accounts, made heavy payments from her credit card, and basically, left her broke. This happened with Cristina despite regularly updating her passwords and diligently following all the necessary precautions. But most people don’t pay much attention to their passwords, as this 2023 research by NordPass suggests. Their study reveals 200 of the most common passwords people used in 2023, and the list is a bit surprising. 

NordPass is a password management company behind NordVPN. This study, the fifth edition, was carried out by its researchers to explore the future of passkeys. “For five years, at NordPass, we've been mapping out password habits. Sometimes they feel like old tunes that never fade. This year, though, there's an extra layer to the story. We've noticed some patterns, especially on certain platform categories. And with all the chatter about passkeys, one can't help but wonder if there's a better way to do user authentication,” NordPass researchers wrote on the website. Astonishingly, the study revealed that the world’s most common online password in 2023 was “123456.” Plus, it indicated that as many as 70 percent of the passwords in the 2023 list could be cracked in less than a second.

To conduct the research, they compiled a list of passwords in partnership with independent researchers specializing in researching cybersecurity incidents. They evaluated a 4.3TB database extracted from various publicly available sources, including those on the dark web, although no personal data was acquired by the company. In addition to this, NordPass partnered with various third-party researchers and analyzed passwords from a 6.6TB database. 

The resulting list included some of the laziest password combinations such as “1234,” “12345,” “Password,” “Admin,” and more likewise. According to NordPass, 86% of all web app attacks use stolen credentials, and also that passwords make up 18% of the most common items for sale on the dark web. In the “Interesting Findings” section, the company revealed that streaming lovers choose the poorest password credentials. While “123456” was the world’s worst password, “Password” wasn’t any better. “Admin,” which was not in the top 200 list for the past five years, came in second place in 2023. “It’s one of the passwords people do not bother changing,” the report said, per CNBC. “Instead of improving password creation habits, internet users have gone in another direction by sticking to already pre-configured passwords.”

The study also highlighted people's common password habits. For instance, people are habituated to using names in passwords. “Isabella” was the second most used password in Austria in 2023, while “Katerina” stood at the 11th place in Greece, per CNBC. Apart from names, people often make use of combinations of names and numbers, such as “Flores123” occupied the fifth spot in Mexico and “Kento123!” was no. 17 in Malaysia. In China, 11 out of 20 passwords were just numbers. Whereas, in the United Kingdom, password choices reflected people’s love for football, such as “Liverpool,” “Arsenal,” and “Chelsea,” which were all names of English Premier Football Leagues. In the U.S., however, people strangely used “shitbird,” which was in the 16th place.

Researchers noted that while passwords are getting harder to breach due to rapidly evolving technologies, password cracking still prevails to a great extent. A Kaspersky study, in fact, recently revealed that hackers can crack 59% of the passwords in just an hour. Added to it, if the passwords aren't set carefully, the consequences can be as frightening as a science fiction movie playing in real life.