Sometimes, it takes lots of money, time, coding skill, and technological infrastructure to hack an account or get a password. But, seldom, a good guess does the magic.
Today, millions of people fall prey to hacking by exposing their passwords, and others just create passwords that are too easy to guess. That’s why we decided to compile an exhaustive list of the most hacked passwords in the world so that you can watch out.
This post not only features the data from authentic organizations’ surveys, but our team of cybersecurity experts also analyzed over 20 million passwords that we collected from various worldwide databases. We organized the results in different lists (to make it better understandable for our readers), such as country-specific, on names, sports, musicians, and students.
Before you start, please note this post is not supposed to sensitize you about how to hack other people’s passwords. Instead, it’s about encouraging you to only use stronger and unique passwords.
Note: While on top of the organizations’ surveys’ data, we gathered data from leaks found on marketplaces, dark web sites, and hacking forums, but we only analyzed the data itself. Meaning no personally identifiable information such as banking details or usernames were compromised while preparing this report.
The 20 most used passwords in the world
Ironically, the most hackable passwords also happen to be the most popular. And to crack them, a hacker does not even need to use any infrastructure or skill as long as he can make a good guess.
This list will show you that people need to do better when it comes to creating their passwords. But, it’s not in any way intended to put you to shame but rather to educate you on passwords that you may want to strengthen.
You may also realize that the more complicated your password is, the harder it is to hack it. Yes, it would help if you had a memorable password, but creating a complex one would be your top priority in this age.
You don’t want anyone to guess your password correctly. For this reason, it’s believed that using your favorite football team as your password is a lazy thing. Seriously.
Names of celebrities or anything associated with you can easily be guessed, and you don’t want to give that power to malicious people.
According to the United Kingdom’s National Cyber Security Centre (NCSC), the worst passwords you can use are easy to crack. The report analyzed more than 23.2 million passwords, and they find some weird details. For instance, more than 100,000 hacked passwords are those that are recurring and popular among people.
In the worst passwords list, you might find it horrifying that many people even use qwerty or 123456, which is quite funny. Others use their own name or the same email username, which gives hackers an upper hand.
Here’s a list of the world’s most hackable passwords:
- 123456 (23.2 million users)
- 123456789 (7.7 million users)
- qwerty (3.8 million users)
- password (3.6 million users)
- 1111111 (3.1 million users)
- 12345678 (2.9 million users)
- abc123 (2.8 million users)
- 1234567 (2.5 million users)
- password1 (2.4 million users)
- 12345 (2.3 million users)
- 1234567890 (2.2 million users)
- 123123 (2.2 million users)
- 000000 (1.9 million users)
- Iloveyou (1.6 million users)
- 1234 (1.3 million users)
- 1q2w3e4r5t (1.2 million users)
- Qwertyuiop (1.1 million users)
- 123 (1.02 million users)
- Monkey (980, 209 users)
- Dragon (968,625 users)
Looking at the number of people using the above-listed ridiculously unimaginative internet’s most vulnerable passwords, all we can say is, “it is just lazy.”
Top 5 names used as passwords
- ashley (432,276 users)
- michael (425,291 users)
- daniel (368,227 users)
- jessica (324,125 users)
- charlie (308,939 users)
Top 5 football teams passwords
- liverpool (280,723 users)
- chelsea (216,677 users)
- arsenal (179,095 users)
- manutd (59,440 users)
- everton (46,619 users)
Top 5 musicians’ names as passwords
- blink182 (285,706 users)
- 50cent (191,153 users)
- eminem (167,983 users)
- metallica (140,841 users)
- slipknot (140,833 users)
- Top five fictional characters
- superman (333,139 users)
- naruto (242,749 users)
- tigger (237,290 users)
- pokemon (226,947 users)
- batman (203,116 users)
Most common passwords in Germany
Germans show a massive preference for numeric passwords that start with 123. In fact, these numerical passwords form half of the top 20 most used passwords in Deutschland.
Looking at the Germany’s data we found that users from the country use some of the most insecure passwords.
Most commonly used passwords in France
The French version of qwerty is azerty, and it’s the topmost used password in the country. Then, Francais phrases such as bonjour, jetaime, maraseille, chocolat,discouragingthat, and soleil come in to share the fame.
Lately, there’s been increased attention towards numerical patterns as passwords. However, they only form about three numerical passwords among the top twenty.
A good explanation is that French keyboards need you to press Shift+number to get the number you want, discouraging many users from using numerical patterns in their passwords.
Most popular passwords list in Russia
Russia is quite a different country. When they are not using their “vernacular” characters, they concentrate on numerical patterns on the keyboard.
And, as a fun fact, Russian users are the least likely in the world to use any meaningful phrases as passwords.
Italy’s easy passwords list
Italians love their football clubs to the extent they use their names as passwords. Then, their romantic names also feature significantly in the list of the most popular passwords in Italy:
Most common passwords in the USA
Americans are more diverse than other populations when it comes to passwords; they use common words, sports, and numeric and keyboard patterns.
A quarter of the top USA passwords contain an exact match of “qwerty” and its variations.
Below you go with the most common passwords in USA:
Top 20 most popular passwords in Spain
Spanish people seem to love their La Liga teams and numbers. In fact, more than 70% of passwords used in Spain have numerical patterns. Then, two of the five top phrases are popular football clubs.
20 most popular passwords among students
University and college students normally don’t give lots of attention to their .edu email. In fact, they just assume it’s only essential for studies. So, they have some of the most insecure passwords. For instance, three out of the top 5 passwords constitute easy guesses such as patterns, first names, and sporting activities.
And, given the technological expertise that university students are expected to have, it’s fair to say that they don’t regard emails and online learning with enough reverence.
Here are the most common .edu passwords:
Top 50 most common Wifi passwords
When people are creating Wi-Fi credentials, they tend not to pay attention to a “hideous” strong password.
Instead, they just play around with the keyword for a pattern. The majority of these passwords are letters and numerical patterns. Other people just write variations of their names as passwords.
Some passwords aren’t so easy to guess. However, there are several noobs who just like to keep them easy for memory. Here are popular wifi passwords worldwide:
- Apple Network 0273df
10 most common Facebook passwords
As a social platform, Facebook attracts passwords that are similar to its purpose.
Many users typically create passwords about things that they hold close in their lives. For instance, it could be a pet name, birthday, candy, car, ice cream, or relative.
Here are some of the most popular Facebook passwords people have around the world.
Why not use the most commonly hacked passwords
Companies’ data getting breached is common in this age. If you don’t take enough questions, you might be a victim. Creating strong passwords will help protect your privacy.
Some of the most vulnerable targets of hacking and passwords theft include Facebook, Netflix, and even British Airways. Some companies aren’t doing enough to protect their customers’ data, but; we also have to take the blame for creating passwords that are easy to guess.
If you find your password on this list, it goes without saying that you must change it immediately. You might need a few guidelines so that you can come up with strong passwords; those tips are provided at the end of this guide.
Quick facts about the most hacked passwords in the world
As noted in the beginning, we collected more than 20 million passwords from different databases and sources–and analyzed them. Here is the recap of shocking details we found:
- The most hacked password in the United States of America is the password.
- Germany’s most popular password is 123456.
- The most hacked Russian password is qwerty.
- Most internet users create passwords from keyboard patterns. In fact, 25% of the most common passwords are simply keyboard patterns such as qwerty, 1q2w304r, and zaq12wsx.
- More than 60% of passwords are from repetitive numeric patterns—for example, 123456 and 111111 or 741852963.
- Germany and Spain lead to the use of numeric patterns as passwords.
- Russians use keyboard patterns more than any other country in the world.
- Greetings are popular as words in every country. In fact, they only translate the word hello in their language and use it as a password.
- The word password and its variations form the most popular credentials.
- Countries with large numbers of football fun tend to use major teams as their passwords. In England, for example, Liverpool has the highest number of club name passwords. In Italy, Milan and Juventus lead the pack. And in Spain, Real Madrid Barcelona, and Athletico are used as passwords heavily.
- 4.2% of passwords are a replica of the name used in the email. Italians are at 4.13%, Russians at 3.79%, and Germans at 2.5%.
- Then, about 0.03% of worldwide populations use their first name and numbers as passwords. Even though it sounds like a great thing to add numeric patterns to your password, it becomes easy to guess if you’re still using your name.
- More than 1% of the people used passwords from religious leaders in the year culture. For instance, Christ and Jesus head more than 7000 mentions in the password.
- Others concentrate on famous brands such as Apple, Samsung, Google, and LG.
- More than 4000 of the passwords we analyzed had friends as the password. Another 2300 used Star Wars. Other TV shows took a huge chunk of the passwords.
- Cristiano Ronaldo, CR7, and other popular sports personality variations also appeared conspicuously with more than 1250 mentions.
- Italian and American populations are more likely to use first names or words their birth years or emails as passwords. In fact, 4% of users in the world follow this trend.
- The phrase ‘iloveyou‘ is widely used as a password by populations around the world after it gets translated into local languages.
- Numerical patterns and numbers are popular when people are signing up for a mobile phone website or a contact management application on their phone.
Most common phone patterns
Some people prefer to use or draw patterns on their phones to unlock. With the Iris recognition, the patterns are losing their place, but many people still prefer it.
Pattern locks get unlocked after a user draws an easy pattern that he can remember. 77% of people start drawing their patterns from the corner. 44% of people start drawing the patterns from the top-left nodes of their screen. In most cases, people only touch five nodes.
Another characteristic of most parts is that they move from left to right and top to bottom.
A study by the Norwegian University of Science and Technology shows that the probability of touching any of the nodes is as follows:
|Number of nodes||Node combination|
Most people are looking for patterns they can remember. So, the shapes tend to be an informal drawing of a popular symbol used. For instance, people tend to draw the cross or letters X, M, N or Z, and other letter patterns.
To secure Android or any other mobile device, whenever you are creating a pattern to unlock your phone, make sure to remember these three important things:
- First, whenever you draw a pattern, those who are near you are likely to see what you’re doing and copy it.
- Two, smart people just need to tilt your phone. Then your screen will show the path your fingers followed when drawing the pattern.
- Three, people are looking for a simple pattern that they have seen with other users.
Research shows that men are more likely to have complicated Android phone lock patterns than women are. Meaning, it is more challenging to unlock a man’s phone than a woman’s.
We recommend not relying on patterns to protect your phones as they are more predictable than many users think. As per a study conducted by Lancaster University, it only takes five attempts to crack an Android device’s pattern.
Most common password mistakes you could be making
You’ve already seen that just because you have a password doesn’t mean your device is safe. Your data needs to be protected, and that’s why we are noting inevitable mistakes you could be making:
Using the same password on all platforms
Reusing passwords is a common password security mistake today; people are continually making it.
When you use the same password for Facebook, Twitter, and Instagram, it only means that if somebody hacks your Facebook account, they will have all the others as well. This is a recipe for disaster that needs to be stopped.
Using a password that’s similar to your username
Creating a unique password helps avoid situations where it can be easily guessed. If your password is the same as your username, it more likely will lead to giving hackers an upper hand.
You’re sharing your password
Humans are very vulnerable to trust others too easily. And, sometimes, we give our passwords willingly to people who we think we trust. Ironically, studies show that Americans share passwords with their wives and other close family members.
But, we have to agree that the very fundamental reason we have a password in the first place is that we want to stay safe. It is supposed to be personal, and you shouldn’t share it with anyone else. The more people that know your password, the easier it is to leak.
Using others’ devices to log into your account
On top of using our friends’ and families’ devices, some people like to use the cyber cafe to create or log into the account.
But, we have to admit that there are lots of problems with that because, in the end, you are giving away your data to someone else. Remember, others can even tweak their devices to store the passwords, and they might eventually reveal your secrets.
Some of these devices can also have a keylogger to that make sure everything you type gets stored.
Using public WiFi
Public networks are not safe, especially when you are using high-level secrecy passwords. If you want your password to be safe, you have to avoid any public devices or WiFi.
Once you do anything online using public networks without any protection, it is going to be seen by the ISP provider. If the provider is malicious, they might end up drawing patterns or profiling you to try and find out your password.
The shorter your password, the higher the probability of guessing it right.
For instance, if your password consists of only four numbers, the probability of guessing is 9999. And when yours has got eight numbers, then the difficulty of getting it increases to 1 out of 99999999.
A positive note: Most of the passwords that we analyzed in this report would not be allowed to be used by top websites today as they have password strength checks in place.
Using your favorite phrases
Social engineers can listen to what you say or look at your interests and then make a good guess about what your password could be.
These individuals are intelligent enough to draw patterns depending on words and phrases you like to repeat and the names of your girlfriend, pet, or favorite movie. If any of these form your password, then you’ve already given it away.
How to create a password that’s hard to crack
You might think your password is strong, only to find that a whole lot of other people are using it as well.
If you want to stay safe online, you must come up with a unique password for every service you create your account on. Using special characters in your password will make it difficult to guess.
The good thing is that most platforms encourage you to create a password that has got numbers, letters, and punctuation characters that people cannot guess easily.
And, because some of the accounts have got sensitive details, you need to use different passwords for different platforms so that in case someone hacks one of them, they don’t get access to any other account.
It is highly recommended that you do not reuse your credentials or passwords. If you want to create strong passwords, you can just come up with one line of a song that you like. And in case you are not good at remembering stuff, you can rely upon a password manager or application that will store your credentials. Below you go with some tips on password security:
- Never log into your sensitive accounts, such as banks using someone else’s device. Some phones and computers are set up to record your password. That exposes your credentials and compromises your accounts.
- Combine alphabets, numbers, punctuation matters, spaces, and special characters in your password.
- Write your password in a language not spoken by many people. For example, you could write “#GwithirimukwoNiHeho7!” which is an African version for “It’s so cold I’m shivering.” The goal is to make sure that your password is as unique as possible.
- After you have created a password, run it against databases to check whether it’s common. If you find it with other people, it can also be guessed easily, and you must change it.
- Don’t reuse passwords. Your Netflix password should be different from that of your Facebook. If you have the same password across all accounts, you give malicious hackers the upper hand of compromising all your online activities.
- Your password should never be anything close to your username or email.
- Never share passwords with anyone. A recent survey by Kill the Cable Bill shows that nearly half of Netflix users share their passwords with friends and relatives. The people you share your passwords with can draw trails to try signing in to your other accounts using variations of your password.