For consumers, passwords are a relatively recent phenomenon. It wasn’t until the internet and the rise of online commerce and security that we’ve been tasked with remembering dozens of access codes to financial institutions, email accounts, streaming services, and retailers.
For too many people, that arduous task is resolved by choosing an easy password. How easy? Cybersecurity firm NordPass recently examined data culled from online security incidents in 30 countries to determine how often certain easy-to-guess passwords are used.
The top 50 found in the United States are below, all of which violate the cardinal rules of strong password protection like making them long, nonsensical, and alphanumeric. If any of these look familiar, change yours. (Which you should do often anyway.)
- guest
- 123456
- password
- 12345
- a1b2c3
- 123456789
- Password1
- 1234
- abc123
- 12345678
- qwerty
- baseball
- football
- unknown
- soccer
- jordan23
- iloveyou
- monkey
- shadow
- g_czechout
- 1234567
- 1q2w3e4r
- 111111
- f-ckyou
- princess
- basketball
- sunshine
- jordan
- michael
- 1234567890
- reset
- zinch
- maiden
- 123123
- 81729373759
- superman
- hunter
- anthony
- maggie
- super123
- purple
- love
- ashley
- andrew
- justin
- killer
- pepper
- tigger
- buster
- nicole
Across all countries, password was the most common, with nearly 5 million accounts making the bare minimum effort.
NordPass also found that people rely heavily on fashion brands (Tiffany, Nike, Gap), sports teams, TV show names, and food (pizza, popcorn, potato) to build their passwords. Generally speaking, if a password has words that help you remember, it will probably help a hacker, too.