Cybersecurity experts at NordPass, a password management service linked to NordVPN, have unveiled the most commonly used passwords of 2023, revealing a disheartening lack of improvement in user security habits.
Topping the list is the perennially popular “password,” followed closely by “123456” and “123456789.” This echoes patterns observed in previous years, indicating a persistent lack of awareness around password security.
The analysis, based on a 4.3-terabyte database sourced from various public domains, including the dark web, presents a global perspective on password vulnerabilities. The top 20 passwords largely mirror those from 2022 and 2021, underlining the widespread prevalence of easily guessable combinations. They are as follows:
- password
- 123456
- 123456789
- guest
- qwerty
- 12345678
- 111111
- 12345
- col123456
- 123123
- 1234567
- 1234
- 1234567890
- 000000
- 555555
- 666666
- 123321
- 654321
- 7777777
- 123
Notably, NordPass identified a trend where passwords for streaming service accounts tend to be weaker compared to those for email or social media.
Regional variations in password choices are evident, with European users often incorporating football team names like “liverpool,” “arsenal,” and “Chelsea,” while things like “benfica” topped the list in Portugal. Italy featured passwords like “juventus” and “napoli” in their top 10. In the United States, the 24th most popular password is “fuckyou,” while the 63rd is surprisingly “cheese.”
India’s fourth most used password, “bigbasket,” is likely linked to the country’s prominent online supermarket. South Africa features the intriguing entry “Sexy1234” in its top 20, and the word “dragon” appears in various national lists without clear reasons.
NordPass emphasizes the critical need for stronger password practices, recommending a minimum length of 20 characters with a combination of uppercase and lowercase letters, numbers, and special symbols. Users are advised against incorporating easily guessable information such as birthdays, names, or common words, including those related to sports teams.
Expressing concern about the inherent risks associated with traditional passwords, NordPass’s Chief Technology Officer, Tomas Smalakys, advocates for alternative authentication methods. Passkey technology, hailed as a promising replacement for passwords, is gaining traction among individuals and progressive companies for its potential to enhance security while eliminating the hassles associated with conventional password management.