The Most Common Passwords – The Weakest Passwords in 2024

Why Trust Techopedia
Why Trust Techopedia

Using the most common passwords exposes you to major threats on the internet, including having your accounts hacked and your identity stolen. Unfortunately, many people unknowingly use weak, easily guessed passwords, leaving their accounts vulnerable to hackers and fraudsters.

This article covers some of the most common passwords and provides tips on fixing weak passwords and creating strong alternatives. We also highlight the importance of using a reliable password manager to enhance your online security. Do you use one of the most common passwords?

Total Password – Robust Solution for Comprehensive Password Security

30-Day Money-Back Guarantee
Get the deal

1Password – Top Password Manager for Families and Teams

14-Day Free Trial
Get the deal

NordPass – Powerful, Affordable Password Manager

Free-Forever Plan
Get the deal

Key Takeaways

  • Understand the risks – Hackers can steal your personal information, financial data, and even your identity if you use weak passwords.
  • Avoid common pitfalls – Never use simple patterns, personal information, or the same password for multiple accounts.
  • Prioritize complexity – Mix upper and lowercase letters, numbers, and special characters to make your passwords harder to crack.
  • Employ a password manager – These tools can securely store and generate unique passwords for all your accounts.
  • Change passwords regularly – Regularly updating your passwords adds another layer of defense.

The Impact of Selecting a Common Password

Choosing a common password is like leaving your front door unlocked – it’s an invitation for cybercriminals. At least 80% of all data breaches can be attributed to compromised passwords.

Hackers use sophisticated tools and strategies to crack weak passwords. This can include using tranches of encrypted passwords exposed in data breaches, running common passwords through the same encryption process, and identifying which logins from the data breach match. These brute-force attacks are able to reveal a shockingly large percentage of passwords.

Having access to your login details can give hackers access to:

  • Personal information – Your email, social media accounts, and other online profiles may contain sensitive data like your address, phone number, and your birthdate. Hackers can use this information for identity theft and phishing attacks.
  • Financial data – If hackers gain access to your banking or online shopping accounts, they can drain your funds, make fraudulent purchases in your name, and take out loans and credit cards.
  • Online reputation – Compromised social media and email accounts can be used to spread misinformation, send spam, and damage your relationships.
  • Digital devices – In some cases, hackers can exploit easy-to-guess passwords to gain access to your devices, leading to data loss, malware infections, and even hardware hijacking.

Beyond these direct consequences, having your accounts hacked and dealing with the issue can be financially draining, time-consuming, and extremely stressful. Protect yourself from these dangers by prioritizing strong password security.

We’ll now explore the most popular passwords, which are also the most common weak passwords.

The Most Common Passwords – The Weakest Passwords in 2024

Many people unfortunately opt for convenience over security, leading to these alarmingly common and weak passwords. Password manager NordPass analyzed more than 4.3TB of password data from publicly available sources to find the most commonly used passwords today.

Here are the top 20 worst passwords you can use:

  1. 123456 – This numerical sequence tops the list year after year due to its simplicity and is arguably the world’s worst password.
  2. admin – Often the default password for many devices and accounts, making it easy for hackers to exploit.
  3. 12345678 – A slight expansion on the top choice, but one that’s still easily cracked.
  4. 123456789 – Adding another digit doesn’t offer much more security.
  5. 1234 – A shockingly short and predictable password.
  6. 12345 – Another extremely short and basic numerical sequence.
  7. password – The word “password” itself is a terrible choice for obvious reasons.
  8. 123 – Even simpler than its predecessors and incredibly vulnerable.
  9. Aa123456 – Adding a capital and a lowercase letter can create a false sense of complexity.
  10. 1234567890 – Predictable and easy to type.
  11. 1234567 – Removing a few numbers at the end doesn’t provide much protection.
  12. 123123 – Simple repeating patterns are easily guessed.
  13. 111111 – Repetition makes passwords weak.
  14. Password – Simple capitalization won’t fool hackers.
  15. 12345678910 – Length alone doesn’t provide adequate protection.
  16. 000000 – Don’t choose a password repeating a single character, regardless of length.
  17. admin123 – Combining “admin” with a simple sequence isn’t enough to protect you.
  18. 1111 – Short, repetitive single-character passwords are a hacker’s dream.
  19. P@ssw0rd – Replacing a few letters with symbols doesn’t create any real degree of complexity.
  20. root – Another common default password to avoid.

Important Takeaways

  • Predictable patterns, regardless of length, are easily cracked.
  • Personal information like names, birthdays, or addresses are vulnerable.
  • Reusing passwords across multiple accounts is a huge security risk.

Ready to learn how to create better passwords? Let’s move on to password security best practices.

Total Password
9.1
  • Starting from $1.99/month
1Password
9.5
Review
  • Starting from $2.99/month
NordPass
9.6
Review
  • Starting from $1.49/month

How To Ensure You Never Get Caught Out Online

Creating secure passwords and managing them effectively is essential for your online safety. Good password habits begin with password creation.

We recommend following these best practices:

Password Checklist

  • Length is key – Aim for a minimum of ten characters, but keep in mind that longer is always better.
  • Mix it up – Combine uppercase letters, lowercase letters, numbers, and special characters, such as @, #, $, and %, to make a more random password.
  • Avoid the obvious – Never use your name, birthdate, address, pet’s name, or other easily obtained personal information.
  • No dictionary words – Hackers use software that checks against common dictionary words – and single words are easy to crack.
  • Uniqueness is essential – Make sure to use unique, complex passwords for your most important online accounts. Otherwise, one cracked password could unlock all your accounts.
  • Change regularly – Update your passwords every few months, especially for critical accounts like banking and email.
  • Never share your passwords – Sharing your passwords with others adds significant risks, from potential loss of ownership to unwanted privacy breaches. If you really need to, here’s how to share a password safely.

Beyond the Basics

  • Password managers – These tools offer a secure vault to store all your passwords while keeping them easily accessible. They can generate strong, unique passwords for each site and autofill them when you log in, and you only need to remember your master password.
  • Think passphrases – Instead of a single word, create a memorable phrase or sentence, then turn it into a password. For example, “My favorite place to ski is Aviemore!” might become “MfptsiA!.”
  • Two-factor authentication (2FA) – Whenever available, enable 2FA. It adds an extra layer of protection, usually requiring you to enter a code sent to your phone or generated by an app and used in conjunction with your password. See our guide to how to set up and use Google Authenticator for more information.

Example of Creating Strong Passwords

Let’s use the passphrase, “I ate pizza with David in 1990.”

  1. Abbreviate – IapwDi1990
  2. Add symbols – Iap$$wDi1990!
  3. Mix case – IaP$$WdI1990!

This password is long, complex, and unrelated to your personal information.

Total Password
9.1
  • Starting from $1.99/month
1Password
9.5
Review
  • Starting from $2.99/month
NordPass
9.6
Review
  • Starting from $1.49/month

Summary – Fixing the Most Common and Worst Passwords

Passwords are your first line of defense for your accounts and your data. By understanding the dangers of weak passwords and implementing good security practices, you can significantly reduce your exposure to cyberattacks.

Consider using a password manager, regularly update your passwords, and make sure to take advantage of two-factor authentication. Most importantly, protect your online identity and assets by creating strong, unique passwords for all your accounts.

FAQs

What are the top 10 weakest passwords?

How do I choose a good password?

How long should a password be?

References

Richard Sutherland
Technology Expert
Richard Sutherland
Technology Expert

Richard brings more than two decades of computer science, business operations, and full-stack development experience to Techopedia. A Computer Science graduate and former Samsung IT support manager, Richard has taught courses in Java, PHP and Perl, and created code for the public and private sectors. A prolific B2B and B2C tech writer, Richard has worked for Samsung, TechRadar Pro, and more.