The worst passwords of 2020: Is it time to change yours?

The worst passwords of 2020: Is it time to change yours?

They’re supremely easy to remember, as well as easy to crack. Here’s how to improve your password security.



Cybersecurity experts often share advice about the do’s and don’ts of passwords as a vital part of good cyber-hygiene practices. And yet, annual roundups of the most common passwords show that many of us continue to prioritize convenience over security, putting our accounts and data at risk of theft.


NordPass has just revealed the 200 most commonly used passwords on the web in 2020, showing yet again that various easy-to-guess combinations of numbers remain as popular as ever. Seven out of the top ten worst passwords were made up of various numerical combinations, with “123456”, “123456789” and “12345678” occupying the first, second and fifth places, respectively. The third spot went to “picture1”, a new addition to the list, and was followed by, well, “password”.


If that isn’t a cause for worry, then perhaps these two facts should be –  the top five passwords have over 4.5 million users among them and they account for more than 38 million combined exposures in data breaches. Moreover, all of these passwords, except “picture1”, could be cracked in less than a second.


The chart is mostly made up of entries that also made it onto the lists of the most common passwords last year and the year before. But there have also been 78 new additions to the list, such as “senha” (Portuguese for “password”), “Million2” or “aaron431”. Part of the last one is also the most popular name used as a password. ..