NordPass has released its seventh annual Top 200 Most Common Passwords research, identifying the most popular passwords globally, in 44 countries. This year, the company decided to look at common passwords by generation as well as overall.
Topping the list as it often does is “admin,” which remains to number one password in Canada. Despite the obvious reasons why it’s the worst possible password you can use (you might as well not have one!), “123456” is the second most popular.
Despite the possible belief that younger generations know better and it’s our aging, less tech-savvy population that is skewing the numbers towards these unsecure passwords, that isn’t6 the case. The research found that password quality is equally poor across all generational groups. For every age bracket, “12345” and “123456” consistently emerge as the top choices.
Older generations do have a habit they haven’t been able to break: they constantly use names in their passwords. Generation Y and Z seem to know better, but they do use numeric combinations like “1234567890” and hilariously, the word (or non-word?) “skibidi.” Along with common numerical sequences, another password commonly used by Canadians is “qwerty123,” the top five letter and number keys on a computer keyboard. Also often used is “1q2w3e4r5t.”
Compared to last year, researchers observed a significant increase in the use of special characters in passwords. This year, 32 passwords on the main list include special characters, a notable rise from just six last year. Unfortunately, most of them are no more complicated than “P@ssw0rd,” “Admin@123,” or “Abcd@1234.” It’s possible that people are using special characters as well because websites, apps, and software more commonly now require them.
Other common passwords that crack the top 200 include, of course, “password” along with “Pass@123,” “admin123,” “P@ssw0rd,” “abcd1234,” and “Welcome@123.” If you recognize any of these, or any others on the list, as ones you use, log in and change them now. In fact, it’s a good idea to change your passwords periodically, at least every three months or so, to ensure security.
“Generally speaking, despite all efforts in cybersecurity education and digital awareness over the years, data reveals only minor improvements in password hygiene,” says Karolis Arbaciauskas, Head of Product at NordPass. “The world is slowly moving towards passkeys — a new passwordless authentication method based on biometric data — but in the interim, until passkeys become ubiquitous, strong passwords are very important. Especially since around 80 per cent of data breaches are caused by compromised, weak, and reused passwords, and criminals intensify their attacks till they can.”