A study reveals the list of worst passwords of 2019

Pierluigi Paganini December 17, 2019

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches.

Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019. The company collected 500 million passwords in total and the results were disconcerting.

Over 2019, security experts reported several data breaches that affected billions of internet users, for example, the popular Collections #1-5 alone contained exposed 3 billion records. With data breaches becoming so commonplace, internet users need to step up their cybersecurity game.

The research conducted by NordPass revealed that bad habits continue to expose users to the risk of hack, users continue adopting weak passwords because they are easier to remember, and share them among multiple services online.

“The most popular passwords contain all the obvious and easy to guess number combinations (12345,111111,123321), popular female names (Nicole, Jessica, Hannah), and just strings of letters forming a horizontal or vertical line on a QWERTY keyboard (asdfghjkl, qazwsx, 1qaz2wsx, etc.). Surprisingly, the most obvious one — “password” — remains very popular; 830,846 people still use it.” reads the post published by NordPass.

Experts found that ‘12345’, ‘123456’ and ‘123456789’ are the most popular passwords, followed by ‘test1’ and, the ‘password’.

Other easy to predict common passwords are simple strings as ‘asdf’, ‘qwerty’, ‘iloveyou,’ along with simple numerical strings and common names. The data are quite identical to the ones reported in the studies on the worst passwords conducted by SplashData in the last years.

Below the Top25 list of the 200 most popular passwords shared by the experts:

RankPassword
112345
2123456
3123456789
4test1
5password
612345678
7zinch
8g_czechout
9asdf
10qwerty
111234567890
121234567
13Aa123456.
14iloveyou
151234
16abc123
17111111
18123123
19dubsmash
20test
21princess
22qwertyuiop
23sunshine
24BvtTest123
2511111

Below recommendations provided by the experts:

  1. Go over all the accounts you have and delete the ones you no longer use. You can use haveibeenpawned.com to check if your email was ever in a breach.
  2. Update all your passwords and use unique, string passwords to protect your accounts. Adopt a password generator.
  3. Use 2FA if you can.
  4. Set up a password manager.
  5. Be vigilant for suspicious activities and if you notice something unusual, change your password immediately.
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – worst passwords, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment