Top 200 Most Common Passwords
Research breakdown
Methodology
The list of passwords was compiled in partnership with independent researchers specializing in researching cybersecurity incidents. They evaluated a 4.3TB database extracted from various publicly available sources, including those on the dark web. No personal data was acquired or purchased by NordPass to conduct this study.
Up to 35 countries
Researchers classified the data into various verticals, which allowed them to perform a statistical analysis based on countries. NordPass exclusively received only statistical information from the researchers, which gives no reference to internet users’ personal data.
Eight types of platform categories
NordPass, in partnership with third-party researchers, analyzed passwords from a 6.6TB database. These passwords were stolen by various stealer malware, such as Redline, Vidar, Taurus, Raccoon, Azorult, and Cryptbot. Malware logs include not only passwords, but also the source website. Researchers categorized the most popular passwords per platform type and shared statistically aggregated findings with NordPass.
Findings
Top passwords: A category comparison
People exhibit a variety of password habits depending on the platform category at hand. Explore how password creation and management habits diverge across various digital platforms.
Interesting findings
The password problem
86%
of all web app attacks use stolen credentials
Source: Verizon
18%
of the most common items for sale on the dark web are online accounts, emails, and passwords.
Source: NordVPN.com
24B
Credentials have been breached since 2016
Source: Reliaquest.com
100
is the number of passwords that an average user has.
Source: NordPass
Is it time to wave passwords goodbye?
Passkeys are here to stay
Passkeys, based on FIDO standards, are the modern solution to the password problem. At NordPass, we're one of the early adopters of passkey technology, allowing our users to enjoy a secure and smooth online experience.
Fundamentals of password safety
Use complex passwords
Your password should be at least 20 characters long and include a mix of uppercase and lowercase letters, numbers, and special symbols. Avoid using easily guessable information like birthdays, names, or common words.
Never reuse passwords
Never use the same password across multiple sites or services. If one account gets compromised, all your accounts could be at risk.
Check your passwords
Take the time to regularly assess your password health. Identify weak, old, or reused passwords and improve with new and complex ones for a safer online experience.
Get in touch
If you are interested in receiving additional information regarding the most common passwords list or want to request an interview, please contact us at [email protected] and we will get back to you shortly.