Stay Safe Online

The worst, most used passwords of 2020 revealed…

Every year we report on the most used passwords of the last 12 months in what is a predictably predictable annual article. It’s fair to say it’s been a turbulent year, and yet it seems that many people’s password habits are, to say the least, consistent.

Consistently bad, of course.

We have been using data released by SplashData over the last few years to determine what the most used passwords are, but they’ve not done their yearly analysis for 2020 (from what we can see, anyway) so we’re switching over to NordPass, a password management company, for the data.

And again, as we say ever year, don’t fret – these companies are not “hacking” your accounts to discover your passwords. The data they use for analysis comes from company data leaks that occur throughout the year that results in people’s passwords finding their way online. Such leaks happen every year, and this is why we never recommend using the same password across multiple accounts.

But based on the list below, we’re guessing that’s more advice that people will ignore.

So in first spot is, again, 123456. That password has topped SplashData’s list every year since 2013, and with its entry into this list from NordPass, that makes it eight years in a row as the most commonly used password.


Sponsored Content. Continued below...




To really bring home the point how bad a password 123456 is, NordPass points out that it would take automated software less than one second to crack that password in a brute force attack (brute force being guessing one password after another.)

The same applies to 123456789, which takes second spot, and it was also second in 2019 and third in 2018.

Picture1 was in third, which is a newbie to the top ten, and in fourth place is password (a previous top spot entrant pre-2013) which was also fourth in 2019 and second in 2018.

Such passwords are becoming less popular – slowly – because companies are forcing their users into picking stronger passwords (though sometimes it can feel like these requirements are a little too stringent!)

The passwords discussed above are bad. They take seconds (or less) to crack and they’ll likely spur on credential stuffing scammers should these passwords leak online – which they did. Don’t use them. You’re only asking for trouble.

Learn more about creating a strong password in our blog here.

Here’s the full, depressingly predictable top 25 most used passwords from NordPass for 2020.

#25 qwertyuiop
#24 654321
#23 123321
#22 omgpop
#21 123
#20 Qqww1122
#19 password1
#18 aaron431
#17 iloveyou
#16 1234
#15 000000
#14 Million2
#13 abc123
#12 qwerty
#11 1234567
#10 senha
#9 1234567890
#8 12345
#7 123123
#6 111111
#5 12345678
#4 password
#3 picture1
#2 123456789
#1 123456

See the 2019 list here and the 2018 list here.

Share
Published by
Craig Haley