If you use a password on this list, change it TODAY – .

If you’re unsure whether the password you rely on to secure your online accounts is strong enough, make sure it’s not presented in the list below.

The list of last year’s most common passwords has been published by the team at NordPass – the password management software developed by the same minds behind NordVPN – to highlight the lackluster phrases used to protect sensitive data online.

According to data first released late last year, “123456” remains in first place as the most commonly used password.

The uncreative password has been used 4.5 million times by online users, NordPass researchers revealed, followed closely by the word “admin” with 4 million uses worldwide.

Numerical sequences appear in the most common password list, with “123456”, “12345678”, “123456789” and “1234” all making the top five. In fact, a third of the top 10 is made up of numbers alone.

Hackers can break into accounts secured with passwords like “123456” and “admin” in less than a second, NordPass researchers confirmed. If you have online accounts protected by any of these passwords, it’s time to upgrade to something new – and a lot safer.

Yeah.

To commemorate World Password Day here (May 2, 2024), we’ve published the full NordPass list below, so you can check if your accounts are protected by an easy-to-guess password. If your password appears anywhere from the list below, edit it now.

Top 10 most common passwords in 2023

1. 123456 (used 4,524,867 times)
2. administrator (used 4,008,850 times)
3. 12345678 (used 1,371,152 times)
4. 123456789 (used 1,213,047 times)
5. 1234 (used 969,811 times)
6. 12345 (used 728,414 times)
7. password (used 710,321 times)
8. 123 (used 528,086 times)
9. Aa123456 (used 319,725 times)
10. 1234567890 (used 302,709 times)

To compile the list, they combed through a 4.3 TB (or 4,300,000 MB) database extracted from a number of high-profile password leaks on the Dark Web to find the passwords on which people mattered more than others. NordPass only received statistical information from the researchers, no personal data was included in the results sent to the password management team.

It comes as new research from the Institution of Engineering and Technology (IET) to mark World Password Day on Thursday found that 20% of the public also use the same password for multiple websites and devices, many of them using animal names or a meaningful password. date – all practices advised against by cybersecurity experts.

This approach is despite the fact that 65% say they are afraid of being hacked in the future and 84% believe that hackers are becoming more inventive.

The IET said it published its research, which included a survey of 2,000 people aged 16 and over in the UK, to help raise awareness of the need for strong passwords.

The study highlighted what it sees as misconceptions about password security among the public, with 38% of people believing that replacing letters with numbers is more secure when used. acts as a password, with a further 45% thinking it makes them harder to guess, which the IET said was not the case.

In his study, only 20% correctly said that using three random words was a more secure form of password.

Dr Junade Ali, cybersecurity expert and Fellow of the IET, said: “In our evolving online world, it is more important than ever to have strong passwords as hackers target multiple accounts. victims due to weak and predictable passwords. IET research shows that 65% of people think passwords should never be written down, and 77% think changing passwords frequently makes them more secure, despite expert advice recommending otherwise.

“If you use the same password for every website and the password is hacked on one site, all sites can be compromised without the attacker needing to try other passwords – this is what we call credential stuffing. However, there are simple and straightforward ways to strengthen your defenses against cyber threats.

According to the NordPass research team, people tend to use the weakest passwords for their streaming services, like Netflix, Disney+ and Prime Video, reserving their strongest passwords for online banking.

Common passwords used by streamers included “Netflix”, “netflix123”, “disney123” and “disney2020”. While researchers found that people generally reserve their best passwords for financial accounts, weaker options such as “visavisa1” and “paypal123” still appear regularly.

It’s a model that comes up again and again. NordPass found that different platforms influence password habits, with the fourth most common password used to secure accounts on Amazon being (surprise, surprise) “amazon.”

Some websites have strict password requirements, requiring account holders to use at least one letter, number, and special characters. These conditions propelled passwords like “P@ssw0rd” into the top 30 global passwords, but unfortunately, it did little to make user data more secure. According to NordPass, “P@ssw0rd” can be unlocked by hackers in less than a second.

Password managers, like 1Password (pictured), can manage long, unique alphanumeric passwords for each online account and monitor the Dark Web for breaches and hacks.

1PASSWORD PRESS OFFICE

Tomas Smalakys, CTO of NordPass, said: “Given the terrifying risks password users face, alternative methods of online authentication are now essential.

“Passkey technology, considered the most promising innovation to replace passwords, is successfully leading the way, earning the trust of progressive individuals and businesses around the world. As one of the first password managers to offer this technology, we find that people are curious to try new things, as long as it takes the hassle out of passwords.

So what should you do? NordPass recommends creating a strong password with at least 20 characters and a mix of upper and lower case characters, numbers, and special characters. Personal information that could be easily guessed by those who know you – such as birthdays, pet names and hometowns – should be avoided. Always create a unique password for each online account, says NordPass.

If you’re having trouble thinking of something, using the first letter of each word in a verse of poetry, a saying, or the lyrics of a song that you’re unlikely to forget can be a great way to quickly generate what seems to be a message. a completely random jumble of characters.

LATEST DEVELOPMENTS

Password managers are also a popular way to secure your online account. These apps generate secure passwords for each account, which are stored in an encrypted vault accessible from any of your devices. To log in, most of these apps only require a quick biometric verification – facial recognition on iPhone or fingerprint scanning on Windows and Android PCs.

NordPass is an option available alongside Last pass And 1Password.

Both Google and Apple offer built-in password managers with their most popular products, Google Password Manager and iCloud Keychain, respectively, which generate and store passwords.

Online accounts are increasingly turning to passwords as a way to let users log into apps and sites the same way they unlock their devices – using a fingerprint, face or on-screen PIN.

Unlike passwords, passwords are resistant to online attacks like phishing, making them more secure than one-time codes sent via SMS. Microsoft, Google, Apple and the FIDO Alliance are working together to make passwords on the web an industry standard.

WhatsApp, the world’s most popular messaging service, recently added support for password login on iPhonein the footsteps of Elon Musk’s X, formerly Twitter, which enabled the feature earlier this year.

While there are high hopes for passwords, with Google even calling their rollout “the beginning of the end of passwords,” they are unlikely to eliminate old passwords for some time. At the moment, we’re still stuck with passwords for many of our online accounts… so it’s time to ditch “password123” and think about something a little stronger.