After analyzing 275,699,516 passwords leaked during 2020 data breaches, NordPass and partners found that the most common passwords are incredibly easy to guess — and it could take less than a second or two for attackers to break into accounts using these credentials. Only 44% of those recorded were considered “unique.”
The password manager solutions provider published its annual report on the state of password security, finding that the most popular options were “123456,” “123456789,” “picture1,” “password,” and “12345678.”
With the exception of “picture1,” which would take approximately three hours to decipher using a brute-force attack, each password would take seconds using either dictionary scripts — which compile common phrases and numerical combinations to try — or simple, human guesswork.
Here are the top 10 worst passwords for 2020, according to the NordPass analysis: