Although it is common knowledge that a “weak” password can easily be guessed by someone with bad intentions, it turns out that it remains very popular.
NordPass, the password manager developed by NordVPN, has just published its annual list of the most used passwords around the world. The study is based on the analysis of 2.5 TB of data collected from public sources, including the dark web, and reveals an alarming observation: a large majority of Internet users continue to use passwords that are too simple, easy for cybercriminals to guess.
The most common passwords
Unsurprisingly, “123456” once again tops the world rankings. This combination of numbers has remained the most commonly used password for five out of six years. Other simple sequences, such as “123456789“ or “12345“, are also among the most common passwords. Here are the world’s top 10 worst passwords:
- 123456
- 123456789
- 12345678
- Password
- Qwerty123
- Qwerty1
- 111111
- 12345
- Secret
- 123123
Note that the previous year, the word “password” occupied first place, but was relegated to fourth position this time. These simple passwords can be quickly guessed using brute force attacks, an automated process where algorithms test different combinations until the correct one is found.
And in Belgium?
The Belgian classification is no exception to the rule, although some local variations appear. In 2024, several words like “azerty” and “qwerty” are making their debut, reflecting typing habits on different keyboards. Here are the 20 most popular passwords in Belgium:
- 123456
- qwerty123
- qwerty1
- 123456789
- azerty
- newmember
- password
- azerty123
- 12345678
- azertyuiop
- Qwerty1!
- 12345
- watchwoord
- Qwerty123
- pokemon
- Qwerty1
- Qwerty123!
- computer
- anderlecht
- Azerty123
75% of passwords guessed in less than a second
This year, “qwerty123” also emerges as the most common password in Canada, Lithuania, Norway and other countries. These passwords are particularly vulnerable to attacks because they are often the first tested by hackers. Worryingly, more than 75% of the most used passwords can be guessed in less than a second using techniques like brute force. According to NordPass, such carelessness in choosing passwords puts user security at risk, providing a clear path for cybercriminals to access sensitive information. The password manager says security habits have barely changed over the years. A study by NordPass shows that 40% of the most common passwords are shared between personal and business accounts, further increasing risks.
To avoid unpleasant surprises, it is essential to opt for long, complex and unique passwords. In practice, it is recommended to choose a random combination of letters, numbers and symbols, and to favor passwords of at least 12 characters. If you have trouble generating such codes, password generators and password managers can be effective solutions to avoid any bad experiences.
Also read: