The poor the bad and the terrible -- popular passwords around the world
Passwords are an essential part of our digital lives, yet many people still use weak or simple combinations of letters and numbers that can be cracked in just a few seconds.
A new report from Safety Detectives, based on analysis of a 2.5TB database containing passwords compromised through data breaches and malware attacks across 44 countries, looks at the current state of password habits, to highlight how these practices have evolved over time.
Sadly the findings show we're still wedded to incredibly insecure passwords. '123456' was the most frequently used password worldwide in 2024, used 3,018,050 times in the dataset. Of the 200 most common passwords identified, an astonishing 161, or 80.5 percent, can be cracked in just one second.
Whilst '123456' dominates across the world, in the US 'secret' is most popular, Canada likes 'qwerty123', and the UK and Australia are fond of 'password'.
Once you get past the really obvious one listed above there are poor choices that are popular in certain countries. In Australia 'Lizottes' -- the name of a popular restaurant -- is common, while people in the UK and Ireland are fond of using football clubs, in particular 'Arsenal' and 'Liverpool'. Football is popular elsewhere too with 'Benfica' being a common choice in Portugal and 'Anderlecht' in Belgium.
Interestingly although they exhibit high confidence in their password management and are more likely to recognize that reusing the same password on different accounts is risky, Gen Zers are the most prone to password mishaps. 51 percent of Gen Z use memory to keep track of their passwords rather than using a password manager.
In contrast, baby boomers are the least confident in their password management, yet are the most likely to create unique passwords and the least likely to reuse the same password or a variation.
The report also finds that 68 percent say they create stronger passwords for financial accounts, while 49 percent do so for email accounts and 32 percent for work-related accounts. This indicates a tendency to prioritize security for those accounts perceived as more sensitive.
Shipra Sanganeria, freelance writer and researcher, writes on the Safety Detectives blog:
While password habits have evolved over time, many people still rely on simple and predictable choices that leave them vulnerable to cyber threats. Although we’ve seen some increased awareness around password complexity, the most common passwords continue to be easy to guess.
As we move forward, stronger, longer, and more unique passwords will be necessary to protect our digital lives. By learning from past trends and adopting better security practices, we can create a safer online environment for ourselves and those around us.
You can see more, including information how password habits have evolved over time, on the Safety Detectives blog.
Image credit: Designer491/Dreamstime.com