Study reveals top 20 most used passwords; 83% can be cracked in a second

Ahead of World Password Day on May 4, NordPass has released a report showing that “password habits die hard” with a list of the most used passwords in the US and 29 other countries. For the US, many of the usual suspects are on the list, however, this time around “123456” is no longer the most popular password. The study also found 83% of these passwords can be cracked in “less than a second.”

For its study, NordPass says it evaluated over 3TB worth of data with the help of independent researchers to determine the top 200 most used passwords in 30 different countries.

The company notes that “despite growing cybersecurity awareness, old habits die hard. The research shows that people still use weak passwords to protect their accounts.”

The report actually includes the 200 most used passwords for each country, below we’ve got the top 20 in the US. And here are the four major takeaways:

• “guest” beat out “123456” to be the most popular password among Americans in 2022.
• Simple combinations of letters, numbers, and symbols, such as “a1b2c3,” “abc123,” or “qwerty,” are highly popular in the US.
• When creating passwords, people tend to draw inspiration from cultural experiences, lifestyle trends, or recent events, be it sports or fashion. For example, American professional sports team names (i.e., Detroit Red Wings, Boston Red Sox,) or variations of them make extremely popular passwords.
• 83% of the world’s most common passwords can be cracked in less than a second.

Top 20 most common passwords in the US

1. guest
2. 123456
3. password
4. 12345
5. a1b2c3
6. 123456789
7. Password1
8. 1234
9. abc123
10. 12345678
11. qwerty
12. baseball
13. football
14. unknown
15. soccer
16. jordan23
17. iloveyou
18. monkey
19. shadow
20. g_czechout

Check out the whole list of the 200 most common passwords from each country. The charts also include how many times a given password was found and an estimate of the time it takes to crack it.

Password checkup tips

Last month we got an idea of how strong password-cracking tools are becoming with the latest AI. Even if you have strong password habits, it’s never a bad idea to do an audit and it’s always helpful to remind less tech-savvy friends and family to:

• Use 2FA/MFA (non-SMS-based whenever possible)
• Check your password manager for alerts about compromised or reused passwords (don’t use the same password across different accounts)
• Use auto-generated passwords as long as possible
• Update passwords regularly, especially for sensitive accounts
• Refrain from using public WiFi, especially for banking and similar accounts

For those looking for even greater security with Apple devices, physical security keys are now supported:

• Here are the security keys Apple recommends for iPhone, iPad, and Mac

And check out our full explainer for all the details on how they work:

FTC: We use income earning auto affiliate links. More.