Even in 2024, millions of internet users still rely on virtually ineffective passwords – here are the top 200

Passwords remain a security issue. A renowned IT security company has identified the most commonly used ones – and they are all bad.

What are the worst passwords? The password manager provider NordPass analyzed a massive dataset from publicly accessible databases, totaling 2.5 TB. This includes lists traded on the dark web. The result was a list of millions of passwords with associated email addresses – and the situation remains unchanged and terrible. For the most used passwords are all simple to crack.

Infamous favorites among people remain 123456 or password. And no matter how far the view wanders down the sad top list, it doesn’t get more creative. As it turns out, users have not become more cautious in 2023.

Elsewhere, we explain a project by students that wants to highlight the dangers of technology. Here you can find the report in article form. You can watch the related video directly:

In professional or private life: people are password-lazy

NordPass distinguishes between private and corporate passwords in its lists. They separate them based on email addresses. You can find the complete list of the 200 most commonly used passwords here at NordPass.

Globally, the top five passwords used at home look like this:

• 123456
• 123456789
• 12345678
• password
• qwerty123

When looking at the prevailing passwords in Germany, qwerty and the like are eliminated and replaced by even more trivial number sequences or in 10th place the creative output 000000.

Corporate passwords look quite similar:

• 123456
• 123456789
• 12345678
• secret
• password

The German top five is almost identical to the private one.

Why are these passwords bad? These databases have long been known to all hackers. They have fed their tools with it, and according to NordPass, it takes less than a second to crack almost anything within the top 200.

More on IT security

More on the topic

An American intelligence agency reveals a simple trick for more security on your mobile phone

von Gerald Wessel

More on the topic

The new colleague is a cybercriminal from North Korea: US cybersecurity company narrowly escapes attack

von Gerald Wessel

More on the topic

A company offers security updates for Windows 10 until 2030, although Microsoft is ending support

von Benedikt Schlotmann

Tips for strong passwords

You can follow these points if you doubt whether a password is secure:

• Use as many uppercase and lowercase letters as well as numbers and, if allowed, special characters.
• Do not use simple sequences like those from the above lists from NordPass.
• These should not include known words from your native language or common foreign languages, such as the English word for secret, secret.
• Have you used it somewhere else? If so, take another one.
• No one should be able to easily guess it if they know you personally. So do not use your birthdate, or names of relatives, or your hobbies.
• Do not keep your passwords visible on your desk.

Alternatively, you can also use a password manager. This stores your passwords encrypted. You access it via a single password, which should be really strong. There are various free or paid versions, and a search engine of your choice can quickly help.

A while ago, a group of researchers compiled how long it takes to crack a truly strong password: Do you think your password is secure? A graphic shows you how long hackers take to crack it.

If you are interested in more facts about smartphones after this excursion into the often unpleasant world of data security, we have more on MeinMMO for you. Elsewhere, we have listed six myths about mobile phone use that you should no longer believe.