Study reveals top 200 most common passwords

Pierluigi Paganini November 20, 2021

The annual study on top-used passwords published by Nordpass revealed that we are still using weak credentials that expose us to serious risks.

Nordpass has published its annual report, titled “Top 200 most common passwords,” on the use of passwords. The report shows that we are still using weak passwords.

The list of passwords was compiled with the support of independent researchers specializing in data breach analysis., the study is based on the analysis of a 4TB database containing passwords across 50 countries.

Most used passwords are still 123456, 123456789, 12345, qwerty, and “password”. Businesses fail to enforce strong passwords, and rarely request employees to enable multi-factor authentication (MFA). 

The report revealed that the most common passwords in 2021 were:

  1. 123456 (103,170,552 hits)
  2. 123456789 (46,027,530 hits)
  3. 12345 (32,955,431 hits)
  4. qwerty (22,317,280 hits)
  5. password (20,958,297 hits)
  6. 12345678 (14,745,771 hits)
  7. 111111 (13,354,149 hits)
  8. 123123 (10,244,398 hits)
  9. 1234567890 (9,646,621 hits)
  10. 1234567 (9,396,813 hits)

Below is the map showing password leaks per capita:

top used passwords

According to the report, a stunning number of people have the bad habit of using their own name as a password. While “Liverpool” might be the most popular team in the world, while “Ferrari” and “Porsche” are the most popular car brands worldwide. 

The “iloveyouis” password is used more by women, in the US, the number of women using it is 222,287 while the number of men using the same password is 96,785.

Below are the password hygiene basics provided by the experts:

  • Use complex passwords containing at least 12 characters and a varied combination of upper and lowercase letters, numbers, and symbols. Password generator could be easily generate them.
  • Never reuse passwords for multiple accounts.
  • Regularly update passwords, experts recommend changing passwords every 90 days.
  • Check password strength
  • Check password strength – regularly assess your password health. Identify weak, reused, or old passwords and fortify your online security with new, complex ones.
  • Use a password manager.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, top-used passwords)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment