X
  • Tech
  • Services & Software
  • Services & Software

Is Your Password on the List of the 10 Worst, Most Hackable Passwords?

Maybe "secret" isn't the best word one could choose for a password. Ditto "123456."

Headshot of Gael Cooper
Headshot of Gael Cooper
Gael Cooper
CNET editor Gael Fashingbauer Cooper, a journalist and pop-culture junkie, is co-author of "Whatever Happened to Pudding Pops? The Lost Toys, Tastes and Trends of the '70s and '80s," as well as "The Totally Sweet '90s." She's been a journalist since 1989, working at Mpls.St.Paul Magazine, Twin Cities Sidewalk, the Minneapolis Star Tribune, and NBC News Digital. She's Gen X in birthdate, word and deed. If Marathon candy bars ever come back, she'll be first in line.
Expertise Breaking news, entertainment, lifestyle, travel, food, shopping and deals, product reviews, money and finance, video games, pets, history, books, technology history, and generational studies Credentials
  • Co-author of two Gen X pop-culture encyclopedia for Penguin Books. Won "Headline Writer of the Year"​ award for 2017, 2014 and 2013 from the American Copy Editors Society. Won first place in headline writing from the 2013 Society for Features Journalism.
Gael Cooper
2 min read
Hands are seen holding a smartphone and using a password authenticator with a laptop

Yes, people are still using the most basic passwords imaginable.

 d3sign/Getty Images

How do so many people get hacked? Apparently, many of them don't give much thought to choosing their passwords, both for personal and for work accounts. That's according to the sixth annual analysis of personal password habits from password manager NordPass in collaboration with threat-management software NordStellar.

"Guess what?" the report introduction asks. "(Passwords are) still really bad."

How bad? Bad enough that you might think Homer Simpson just mashed his hand on a computer keyboard to come up with a password. According to the report, the most popular password in the world for both personal and corporate accounts is 123456, and it's used by more than 3 million people for personal accounts and more than 1.2 million for corporate ones.

Read more: Best Password Manager of 2024

"'123456' has once again claimed the title of the world's worst password!" the NordPass analysis reports. "In fact, during this our six-year study, it topped the charts as the most common password 5 out of 6 times. 'Password'  held this not-so-noble title just once."

Here are the top five passwords for personal accounts, according to the analysis.

  1. 123456
  2. 123456789
  3. 12345678
  4. password
  5. qwerty123

And here are the top five for corporate accounts.

  1. 123456
  2. 123456789
  3. 12345678
  4. secret
  5. password

According to the report, it takes less than a second to crack any of these 10 passwords.

The company reviewed and analyzed a 2.5TB database extracted from public sources, including those on the dark web. Data was organized by country of origin, covering 44 countries, and was separated by corporate and personal credentials by the use of related email addresses.

Tips for stronger passwords include making a lengthy password that steers clear of easily guessed information, such as birthdays, names and common words. Users should not reuse passwords for different sites. Password managers can also protect passwords without requiring the user to memorize dozens of complex passwords, since they will only need one password to log into the password manager itself.