Rights & Money

The Most Common (and Worst) Passwords

If your password is on the “Top 200” list, you should change it today

By Caitlin Finlay

Is your online password “123456”? If it is, you should change it right now: it’s the most common password of 2020, used by more than 2.5 million people and exposed more than 23.5 million times.

According to a recently released survey, half of the 20 most common passwords of 2020 involved combinations of numbers 0 through 9, usually in sequential order. These passwords, while common, are far from secure—hackers can crack them in seconds.

Conducted by NordPass, the software company behind an online password manager, the survey compiled the 200 most common passwords of 2020 and their varying levels of security. The survey looked at nearly 275.7 million passwords, which were provided by a third-party company specializing in data-breach research. If your password is on the list of the 200 most common passwords, you should change it to something unique and more complex for better security.

The password “123456” is common because it’s easy to remember—but it’s also easy to crack and so an easy target for hackers trying to get into your accounts. Other common passwords from 2020 included the classic “password,” “qwerty” (top row of your keyboard), and “iloveyou.” New additions to the 2020 list included “picture1,” “aaron431,” “unknown,” and “senha”—Portuguese for password. Common passwords fell into 12 categories: numbers, names, “password,” “qwerty,” random letters, device, sports, swear words, entertainment, positive words, food, and miscellaneous.

Passwords are necessary to protect your personal information and should be as secure as possible to prevent hacking. When creating a password, avoid using repetitions or sequences such as “123123” or “abc123” and never use personal information such as your name, date of birth, address, or phone number.

The most secure passwords are long, with a combination of numbers, symbols, and upper- and lower-case characters. Remember to create a different password for each account so that if one account is hacked, the rest are still protected.

If you’re having trouble coming up with unique passwords, you can use a password generator. Experts recommend that you change your passwords every 90 days. If you’re worried about forgetting passwords, you can use an online password manager to keep a list and these can often autofill your passwords, so you won’t have to enter them. There are many online password managers, so it’s important to do your research to discover which is best for you. Examples of password managers include NordPass, 1Password, Norton Password Manager, and LastPass.

Photo: iStock/designer491.