A new password security report released by NordPass, in collaboration with threat intelligence firm NordStellar, has exposed the 200 most common passwords globally.
The data, compiled from a 2.5TB trove of leaked credentials sourced from publicly available databases including those on the dark web, reveals a concerning lack of improvement in global password habits.
This marks the sixth consecutive year NordPass has analyzed password trends. However, this year’s study expanded to include corporate passwords—revealing a disturbing overlap between personal and workplace credential practices.
Commonly Used Passwords
“123456” emerged once again as the most commonly used password, a title it has held five times in the last six years.
Other frequently used entries include “password”, “qwerty123” and “123456789.”
The top 20 commonly used passwords revealed by NordPass include:
- 123456
- 123456789
- 12345678
- password
- qwerty123
- qwerty1
- 111111
- 12345
- secret
- 123123
- 1234567890
- 1234567
- 000000
- qwerty
- abc123
- password1
- iloveyou
- 11111111
- dragon
- monkey
NordPass and NordStellar examined credentials from 44 countries, categorizing them by region and domain type to distinguish personal from corporate accounts.
The corporate password list featured similarly weak options, suggesting widespread negligence even within professional environments.
Common corporate passwords include:
- 123456
- newmember
- azerty
- password
- 12345678
- 123456789
- Snowflake1
- Belgium
- qwerty
- 9870987
“After six years, the data remains largely unchanged,” the report reads.
“Despite increasing awareness campaigns, people continue to reuse short, simple passwords—both at home and at work.”
The continuous negligence of weak passwords has led to increased risks of credential stuffing and unauthorized access.
According to a recent report by Sophos, compromised credentials retain the top spot as the leading cause of attacks for the second time in a row, calling for urgent adoption of stronger password practices, especially in business settings where a slip can impact entire organizations.
Healthy Password Habits
Security professionals at NordPass recommend the following:
- Use long, complex passwords: Set passwords at least 20 characters, combining uppercase and lowercase letters, numbers, and symbols.
- Avoid password reuse: Reusing the same password across multiple platforms increases the risk of widespread account compromise. An attacker with a single password of yours can cause soo many harm.
- Adopt password managers: Using password managers enables you to generate and store unique, strong passwords for all accounts.
- Switch to Passkeys: Passkeys—supported by the FIDO Alliance—use biometrics or PINs and are emerging as a safer alternative to traditional passwords. Read more on passkeys.
About Author
