Common passwords like "123456" and "admin" take less than a second to crack, research shows

Google checks passwords against compromised data

Passwords help protect some of our most personal information, but often times they don't actually end up being that personal — making them very easy to circumvent. 

NordPass, a company that helps users generate passwords and keep them secure, has put out its annual list of common passwords, and it shows that many are lacking creativity. 

NordPass partnered with independent researchers who analyzed 4.3 terabytes of data taken from publicly available sources; the company said no personal data was taken during the process. Analyzing data from 35 countries and eight different types of platforms, the company found the most common passwords are often strings of numbers.

The most common, "123456," was counted more than 4.5 million times. According to NordPass, it takes less than one second to crack it. The password "admin" is just as easy to crack and was counted more than 4 million times. Then come strings of numbers like "1234," "12345678" or – as if it makes a major difference – "123456789" that are also very common. 

Also on the list are words like "password," which still takes less than a second to crack, and "UKNOWN," which takes 17 minutes.

If you think "P@ssw0rd" is getting creative, it's not. It still takes less than a second to crack and was counted 135,424 times.

Most of the most common passwords on the list are series of numbers. But how about a series of letters? If you run your finger across the top line of letters on your keyboard, you get "qwertyuiop" — a password that was counted 79,434 times and takes less than a second to crack. 

NordPass also filters its password data by country. In the U.S., the usual suspects like "123456," "password," and "admin" are at the top of the list. But the 16th most common password may come as a shock: "sh**bird." This password was counted 4,230 times and takes five minutes to crack.

NordPass also says different platforms can influence password habits. The fourth most common password for e-commerce sites, like Amazon, is... wait for it: "amazon."

For streaming sites, one of the most common passwords is "netflix." Streaming sites have the the least secure passwords compared to other websites, NordPass says. 

The trends in this year's report don't stray far from NordPass' past reports. Passwords like "12345" and "password" are always among the most common. 

NordPass says technology is evolving so passwords are getting harder to breach, but malware attacks are still a threat. They recommend creating strong passwords that have 20 characters and mix upper and lower case letters. It's also advised not to use birthdays or other easily guessable information, and to create different passwords across platforms. 

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.