The worst passwords you could have in 2024 — or any year
Don't rely on easy-to-remember passwords too much — because all of us tend to think more alike than we'd think.
(NEXSTAR) — There are few things as annoying as the sheer amount of passwords we need to log in to everything we use these days. You need bank passwords, email passwords, social media passwords — even passwords for smart fans! — and keeping track of all of these gets to be a hassle really quick.
But don't rely on easy-to-remember passwords too much — because all of us tend to think more alike than we'd guess. In fact, password management application NordPass, recently released its sixth annual Top 200 Most Common Passwords list and it turns out a lot of people are picking a lot of the same passwords.
And that makes them very bad for you to use.
To figure out the most common — and most easily crackable — personal passwords, NordPass says it "reviewed and analyzed a 2.5 terabyte database from various publicly available resources, including those on the dark web." The research spanned data from 44 countries and included passwords stolen by malware or exposed in data leaks.
Here are the 15 most common passwords.
Rank Password Time to crack it # of times the password was used 1. 123456 < 1 second 3,018,050 2. 123456789 < 1 second 1,625,135 3. 12345678 < 1 second 884,740 4. password < 1 second 692,638 5. qwerty123 < 1 second 642,638 6. qwerty1 < 1 second 583,630 7. 111111 < 1 second 459,730 8. 12345 < 1 second 395,573 9. secret < 1 second 363,491 10. 123123 < 1 second 351,576 11. 1234567890 < 1 second 324,349 12. 1234567 < 1 second 307,719 13. 000000 < 1 second 250,043 14. qwerty < 1 second 244,879 15. abc123 < 1 second 217,230
It goes without saying that if you're still using passwords like "123456," you should change them soon. But there are other passwords and password styles you should steer clear of.
For instance, you may live for Sunday Night games but don't think "football" is a clever password. Per NordPass' findings, "football" appeared in 59,656 instances and only takes less than a second to crack.
The same goes for words like "princess," "computer" and even "f-ckyou." That last one had over 50,000 instances of its use in NordPass' analysis and that also only takes less than a second to crack.
When it comes to creating more secure passwords, NordPass recommends several options. First, the company says your passwords should always be at least 20 characters long and feature a mix of upper and lowercase letters, numbers and symbols. Avoid common words or easily guessable personal information about yourself.
Additionally, it's increasingly become more feasible for everyday people to use passkeys, which can keep track of dozens of passwords of great length and variation. Unlike passwords, Google explains passkeys allow users to log in to their accounts using other verification means, like a fingerprint or face scan, or via your mobile phone with a PIN.