Services

9

IT Managed Services

9

Compliance

9

Cybersecurity

9

Cloud & Network

9

Backup & Disaster Recovery

9

Business Communications

9

Web Design

9

Web Services

Expertise

9

Manufacturing

IT & Compliance support tailored for Manufacturers

9

Healthcare

IT & HIPAA support for Healthcare Practices

9

Public Sector

Specialized technology solutions & support for the particular needs of Government and other Public Sector entities

About

9

About Us

9

Legacy Brands

9

CloudTotally

9

River City Digital

9

MyRealTown

9

SilverGear

9

Testimonials

Resources

9

Hey Soteria blog

9

Events

9

Videos

9

Books

9

Referral Program

9

Partner Resources

9

Bill Pay

Contact

9

Contact Service

Call 316.448.7944

help@heysoteria.com

9

Contact Sales

Call 316.816.2600

sales@heysoteria.com

 

9

1815 E Central • Wichita, KS • 67214

The Worst Passwords of 2023

Cybersecurity , Tips

December 26, 2023

Golden Statuette and Stars on Yellow Background

This year’s list of the world’s most common passwords is out!

Is your favorite on the list?

NordPass just released their annual list of the Top 200 Most Common Passwords! Now, if you’ve never seen it, every year NordPass partners with cybersecurity researchers to go over several terabytes of stolen password data, all publicly available, to look for the most commonly used passwords worldwide.  Will there be surprises this year?  Let’s find out!

Top 10 Most Common Worldwide

  1. 123456
  2. admin
  3. 12345678
  4. 123456789
  5. 1234
  6. 12345
  7. password
  8. 123
  9. Aa123456

Top 10 Most Common in the USA

  1. 123456
  2. password
  3. admin
  4. 1234
  5. UNKNOWN
  6. 12345678
  7. 123456789
  8. 12345
  9. abc123

Congrats 123456 for winning again! The undisputed King of Bad Passwords, 123456 has held the crown 4 out of the last 5 years. Otherwise, looks like a lot of old favorites here!  UNKNOWN is an interesting addition, and the only one on either list that NordPass estimates would take longer than a fraction of a second to crack.  (At 17 seconds, it’s still not great, and being on this list means it’s one of the first someone will try in a brute force attack so this is hardly a recommendation.)

Hopefully it goes without saying that all of these are laughably terrible passwords and we should all know better but here is proof that over 4.5 million people are still rocking 123456 in 2023. 

Something new that NordPass did this year, was to look at how password trends diverge depending on what sort of thing they are used for. They compared Ecommerce, Social Media, Financial, Email, Gaming, Productivity Tools, Smartphone, and Streaming.

 

So what can we learn here?

Ecommerce – Please don’t use the name of the shopping site as your password.  Apart from variations on 123456, amazon was the top used password in this category.  amazon123 and Amazon@123 are also really high on the list, so please please please just do not.

 

Social Media – This one seems heavy on numerical passwords.  I see you 1122334455, you are not fooling anybody.

 

Financial – You guys, this is your money! P@ssw0rd and paypal123 are not going to cut it. Batman11 is surprisingly common here too.

 

Email – Considering how many of us still have the email addresses that 14 year old us though were cool, I expected to see some goofy stuff here, but it was surprisingly tame. ****** , lol12345, and fortnite stood out.

 

Gaming – Maybe due to inputting these on a controller instead of a keyboard, most of these are numerical or a variation on qwerty.  Up your game, gamers.

 

Productivity – Not at all surprised to see Zoom2020 high on this list.  BTW, changing the year on that one doesn’t make it any better.

 

Smartphone – Using the phone name is a big trend here. Apple2020, Samsung1, Iphone1234, etc.

 

Streaming – NordPass even noted that people seemed to be strong password haters in this category. They are really short and really basic, even compared to the Top Ten.  Let’s try to do better than netflix or 101010, mmmkay?

Check out the list for yourself

As fun as it is to make fun of bad passwords, how do you make sure yours are good?

I’m glad you asked.  I did a whole blog series about that a while ago, that you can visit here:

Bad Passwords 2021 Bad Passwords 2: what makes a good password? Bad Passwords 3: MFA Bad Passwords 4: SSO

 

That said, here’s the TL;DR:

 

  • Get a password management program.  Some good ones include 1Password, Keeper, and yes, NordPass. They can help you generate good passwords and store them for you so you only have to remember your master password. Some will let you know if your password has been leaked on the dark web, and can suggest when it’s time to update.
  • Don’t reuse passwords across sites. Don’t even use a variation.  If one gets leaked or hacked, they are all at risk.
  • If you don’t have a password management program, learn how to make good passwords. Check out #2 in our blog series, it talks about what makes bad passwords bad, so we know what common pitfalls are and how to avoid them.
  • Go through your passwords every once in awhile, and change out any old, sad ones.
  • Use MFA (Multi-factor Authentication) if possible, especially for financial or other important sites.

This post, like all our posts, is 100% written by a human.

Like What You See? Sign Up For Our Newsletter!

News, Events, Tips from the Techs and more, delivered to your email once a month. Absolutely No Spam!

Newsletter Signup

Related Posts

What else is happening in

The Blog