The worst and most common passwords of 2021 revealed

How much thought do you put into your passwords?

Hopefully, the importance of password security became more apparent with many more people embracing online shopping in the wake of various lockdowns during the pandemic.

However, there are plenty of people who are still far too lazy when it comes to their passwords, as the annual report into the 200 most common passwords shows.

Read: How to avoid being tracked online

The list, compiled by password management company NordPass, is headed by ‘123456’.

Unlike previous years, NordPass separated them by country to see if there were certain trends appearing in certain areas.

However, there was very little variation when it came to the top of the list with ‘123456’ ranking number one in 43 of the 50 countries that were analysed.

Read: Password managers explained

Other passwords that were extremely popular were ‘qwerty’, ‘password’, ‘password123’ and ‘1q2w3e’.

Plenty of other weak passwords are at the top of the password hall of shame, including ‘111111’, ‘123123’, ‘Iloveyou’, and an upgraded version of the reigning champion, ‘123456789’.

The analysis also revealed that people are quite fond of using their own names as passwords. Female names mostly dominate the women’s lists, and male ones men’s.

Read: How to get around difficult two factor authentication issues

However, the research uncovered a few interesting and rather peculiar password choices. Just look at the infographic below.

NordPass’s Patricija Cerniauskaite said sports and entertainment also provided the inspiration for many passwords.

“Passwords such as ‘pokemon’, ‘naruto’, ’eminem’, ‘metallica’, ‘onedirection’, ‘liverpool’, ‘arsenal’, and ‘sparta’ were quite popular yet poor choices,” Ms Cerniauskaite said.

“However, this is nothing new. Generally speaking, the main trend we can see is that people are quite lazy when choosing a password to secure their online accounts.”

The Australian top 10 most commonly used passwords looked like this:

While eight of the top 10 Australian passwords were common around the rest of the world and could be cracked in less than one second, Australia did have a couple of discrepancies.

In this place was the password ‘lizottes’, which was the password on 98,220 accounts and was estimated to take around three hours to crack, and in 10th place was the password ‘holden’, which was used on 30,844 accounts and was estimated to take two minutes to crack.

Just because some passwords were common did not make them necessarily bad. In 71st place on the Australian most common password list was ‘billabong’, which it was estimated would take one day to crack and in 160th position was ‘billabong1’, which it was estimated would take 12 days to crack.

Australia also benefits from its sports teams being relatively unknown by international hackers. The password ‘collingwood’ was 180th on Australia’s list of most common passwords, but it was estimated it would take four months to crack.

Despite a few outliers on the Australian list, NordPass said that 84.5 per cent of the passwords on this year’s list could be cracked in less than a second, compared to just 73 per cent last year.

“The steep rise is quite concerning Ms Cerniauskaite said. “We’ve said it before, and we’ll say it again: passwords are the gateway to your digital lives, and they must be taken seriously.”

Look at the full list of the top 200 most common passwords here.

Do you have a lazy password? Were you aware that weak passwords could be cracked in less than a second? Why not share your thoughts in the comments section below?

If you enjoy our content, don’t keep it to yourself. Share our free eNews with your friends and encourage them to sign up.

Written by Ben