• Researchers analyzed data leaked in various data breaches to bring this study forward.
  • Passwords ‘12345,’ ‘123456,’ and ‘123456789’ were the most common passwords, followed by ‘test1’ and, of course the password ‘password’.

A bunch of independent anonymous researchers composed a list of 200 most popular passwords that were leaked in data breaches during 2019 and shared it with security firm NordPass.

What researchers found?

NordPass collected and analyzed a total of 500 million passwords from breaches this year. And the results of the study were consistent with findings from similar studies in previous years.

  • The notorious Collections #1-5 breaches alone exposed 3 billion records.
  • Weak password logic also included strings of letters forming a horizontal or vertical line on the keyboard, such as asdfghjkl, qazwsx, 1qaz2wsx, etc.
  • The most obvious—‘password’— remained popular with 830,846 people still using it.
  • Passwords ‘12345,’ ‘123456,’ and ‘123456789’ were the most common passwords, followed by ‘test1’ and, the password ‘password’.
  • Passwords containing popular female names included Nicole, Jessica, Hannah, etc.

Along with simple numerical strings and common names, other easy to crack common passwords were simple strings such as ‘asdf,’ ‘qwerty,’ ‘iloveyou,’ etc. Experts have found resemblance in the data with the last year’s report by SplashData on the worst passwords.

Top 25 list of worst passwords

Below is the Top 25 list out of the 200 most popular passwords shared by the experts:

  1. 12345
  2. 123456
  3. 123456789
  4. test1
  5. password
  6. 12345678
  7. zinch
  8. g_czechout
  9. asdf
  10. qwerty
  11. 1234567890
  12. 1234567
  13. Aa123456.
  14. iloveyou
  15. 1234
  16. abc123
  17. 111111
  18. 123123
  19. dubsmash
  20. test
  21. princess
  22. qwertyuiop
  23. sunshine
  24. BvtTest123
  25. 11111

The takeaway

The research revealed that bad practice of using common passwords continues to give an edge to attackers online. Two big mistakes that people commit are - they adopt weak passwords because they are easier to remember and, use common passwords among multiple online services. With data breaches becoming so commonplace, internet users need to avoid such common mistakes and improve their cybersecurity posture.

Cyware Publisher