Content

Home > News > Worst passwords of 2023 include some familiar favorites. See the list.

Worst passwords of 2023 include some familiar favorites. See the list.

time:2025-04-28 06:59:07
«--    --»

When it comes to strong passwords, we never seem to learn.

Cybersecurity experts have been telling us for years what notto use for passwords, and yet, "123456" and "password" still top the list. This week, NordPass published its fifth annual list of the 200 most common passwords — and there are some repeat offenders. The password manager evaluated 4.3 terabytes of data related to cybersecurity incidents and the top passwords are truly lacking in originality. Here are the top 10:

  • 123456

  • admin

  • 12345678

  • 123456789

  • 1234

  • 12345

  • password

  • 123

  • Aa123456

  • 1234567890

According to NordPass's findings, all of these passwords took less than a second to crack.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!
SEE ALSO: What are password managers and how to pick the right one

Further down on the list are some slightly more creative passwords. Ranked at 136 is "iloveyou" (aw) and at 183 is "changeme." So, still not great.

Lock up those streaming apps

This year, NordPass dug a little deeper into the data and analyzed password strength by platform category. Streaming services have some the weakest credentials when compared to other sites. Perhaps to make it easier to share with friends and family despite Netflix's best efforts? Unfortunately, this also makes it ridiculously easy for hackers; 86 percent of cyberattacks come from stolen credentials.

Related Stories
  • Save 90% on a lifetime subscription to this password manager
  • Just get a password manager already — here are the best options

Once again, let's review how to create a strong password

  • Passwords should be long and complex, with uppercase and lowercase letters, symbols, and numbers, and never anything related to easily guessable information, like birthdays, addresses, or phone numbers.

  • It's tempting, but don't reuse the same password for multiple sites. If hackers get their hands on it, they automatically have access to everywhere else it was used. NordPass also recommends taking the time to review existing passwords and update ones that are weak or repeated.

  • Wherever possible, try to use passkeys instead of passwords. Passkeys are unique codes, tethered to your device, making them much more secure and less susceptible to breaches. More and more companies like Apple, Microsoft, Google, and Amazon are adopting passkey support as a safer alternative.

  • Last but not least, consider getting one of the best password managers, which can create randomized passwords for you and then store them securely. pa

That said, password managers have been subject to breaches, so do your homework educate yourself on how password managers keep your credentials secure. Last year, LastPass was hacked, but password data was encrypted and remained secure, since only users are able to decrypt their credentials with their master password.

Knowledge

Hot Spots


Flinks

Links