Worst Online Passwords: Research has found these are the 10 passwords easiest to crack by criminals

If you are using one of these passwords to keep your online details safe, we'd suggest you swiftly change it.
By David Hepburn
Published 8th Feb 2024, 11:53 BST
Comment
It's best to use a password made up of letters, numbers and symbols (best not use this particular one though!)It's best to use a password made up of letters, numbers and symbols (best not use this particular one though!)
It's best to use a password made up of letters, numbers and symbols (best not use this particular one though!)

A new study has revealed the most commonly leaked passwords online - which can lead to criminals illegally using your details, taking control of social media accounts, or even emptying your bank balance.

Database experts Red9 came up with the list after analysing the number of times passwords appeared within publicly posted data breaches on www.HaveIBeenPwned.com - a website that allows you to check if your personal details are at risk.

The most common password - '123456' - was seen an incredible 42,542,897 times, with the top 10 responsible for a staggering 196,540,378 breaches.

And there were some surprises amidst the more obvious numerical sequences, with '1q2w3e' featuring on the list. It may appear to be a random combination of numbers and letters, but is actually the first six adjacent keys on a computer keyboard in an alternating format.

Interestingly, six-character passwords were the most common, accounting for 91,644,362 of all searched passwords within the breaches. Eight-characters was the second most common password length and were seen 35,083,201 times throughout breaches.

Red9 founder Mark Varnas said: “The findings highlight the importance of heightened awareness regarding password security, as certain commonly used passwords continue to pose significant vulnerabilities. In light of these findings, users are strongly encouraged to adopt more robust password practices to enhance their digital security.

"Employing a combination of uppercase and lowercase letters, numbers, and special characters, and avoiding easily guessable information such as names and birthdays, can significantly bolster the resilience of passwords against unauthorized access.

"Regularly updating passwords and refraining from using identical ones across multiple accounts, further fortifies your defence against potential security threats.”

The top 10 most leaked passwords, and the number of times they have featured in data breaches, are as follows:

  1. 123456 (42,542,807)
  2. 123456789 (18,313,580)
  3. qwerty (10,713,794)
  4. password (10,382,543)
  5. 12345678 (6,901,438)
  6. 111111 (5,070,941)
  7. qwerty123 (4,880,569)
  8. 1q2w3e (4,486,025)
  9. 1234567 (4,351,342)
  10. 1234567890 (4,130,502)
Related topics:Online safety
Comment

Comments

 0 comments

Want to join the conversation? Please or to comment on this article.