Cybersecurity firm reveals the 10 most common passwords of 2024 — see if yours is on the list

As the pandemic accelerated digitization across the globe, cybercrimes also went up at an alarming rate in the years that followed. Although that should naturally prompt people to protect their data and accounts with stronger passwords, an analysis by NordPass suggests that it's sadly not the case. It turns out that the most common online passwords used around the world are the easiest to guess as well.

Nord Security analyzed a vast database of online passwords, with the help of its password manager NordPass for the fifth straight year. In a discovery that should raise the alarm, it found that 123456 was the most common online password.

Despite several warnings, it has topped the list for the third time in 5 years and was only beaten by another common combination 12345, in 2019, and something as basic yet unpredictable as “password”, in 2022.

Other than that, below are the top 20 most common passwords, and for those who find theirs in the list, it may be a good time for an update.

1. 123456

2. admin

3. 12345678

4. 123456789

5. 1234

6. 12345

7. password

8. 123

9. Aa123456

10. 1234567890

11. 1234567

12. 123123

13. 111111

14. Password

15. 12345678910

16. 000000

17. admin123

18. 1111

19. P@ssw0rd

20. root

Apart from passwords, the most common four-digit PINs that often protect financial assets are also easy to guess and were spotted in another cybersecurity study.

Data Genetics presented the data on the most exploited PINs originally compiled by the late Nick Berry. About 3.4 million such PINs were analyzed to create a comprehensive map in association with Data is Beautiful.

Following the trend of the most common passwords, '1234' emerged as the most common four-digit PIN. Second on the list was another easy-to-guess combination of '1111', making up about 6% of all the PINs. The PINs '0000', '1212', and '7777' rounded off the list of the top 5 most common PINs.

While easy-to-remember passwords are convenient, they also are easy to crack for cyber criminals who even use sophisticated software to breach accounts in seconds. These tools are often freely available on the dark web, making it easy for anyone to exploit non-vigilant users.

Even without software, criminals can comb through social media profiles to look for important names and dates for decoding passwords. Even celebrities have fallen victim to hackers who gained access to their public accounts to cause damage.

How to Set Strong Passwords?

It is rather easy to create strong passwords that can also be remembered well. The CISA, America's cyber defense agency has laid out three simple steps that can help people set strong and unique passwords.

Firstly, the CISA recommends that a password should at least have 16 characters. Using longer combinations of words, numbers and characters make passwords safer.

The second step is to use a string of mixed-case letters, numbers, and symbols. Using a memorable phrase of 4 – 7 unrelated words and combining it with numbers and special characters is a good tactic.

The third and final thing to do is to use different passwords for different accounts. Using the same password for multiple accounts puts people at a greater risk.

If it gets too confusing, users can also opt for tools like a Password Manager that helps them store and remember passwords easily. This is better than writing passwords down or saving them on a computer as they are safely stored and often encrypted.