Site navigation

Is Your Password Among the 200 Most Common of 2021?

Michael Behr


worst password
They may be easy to remember, but they’re also easy for hackers to guess.

Password manager NordPass has revealed the top 200 most common passwords of 2021, which could be putting users at risk.

Perhaps unsurprisingly, the most popular password was ‘123456’. Related passwords, ‘123456789’ and ‘12345’ also held the second and third position.

Combined, they had been used over 180 million times, with ‘123456’ alone used more than 103 million times.

‘123456’ and ‘123456789’ retain their position from last year.

Old favourites, including ‘qwerty’ and ‘password’ are on the list. Strings of numbers, such as ‘111111’ and ‘123123’ make up the rest of the top ten.

Outside of these passwords, and similar derivatives, such as classics like ‘password123’ and ‘abc123’, the most popular phrase was ‘iloveyou’, which was used over 4 million times. Words like ‘dragon’ and ‘monkey’ also featured highly, each being used around 2.5 million times.

While these passwords may be simple and easy to remember, NordPass warned that they could all be broken in less than a second by hackers. Even more complicated passwords, like 14th ranked ‘aa12345678’ take only two seconds to crack.

The highest ranked password that takes more than a few seconds to crack was ‘myspace1’, which came in at 54th and takes around three hours. This makes it one of strongest passwords on the list.

The most popular name on the list was ‘michael’, 66th, and the most popular women’s name was ‘ashley’, 88th.

For the UK, the third most popular password was ‘liverpool’, which was 121st on the global list. ‘liverpool1’ was also the eighth most popular password.


As cybercriminals have become more sophisticated, they have become better at breaking passwords. By using automation and AI, lists of common passwords can be tried one after the other in rapid succession.

AI can determine common derivatives of regularly used passwords. Even random chains of numbers and letters can be entered by computer programs, brute forcing short passwords.

Passwords are the first line of defence against threat actors. But without a good password culture, they become more of a liability.

A study from last month revealed that attacks involving malware designed to steal passwords increased by 45% in the past six months. While this illustrates the importance of additional security measures, such as multi-factor authentication, it also shows how desirable hackers find passwords.

Reusing passwords is another poor habit that puts people at risk. Should a data breach occur, and bad actors access login details for one account, the details can be used to compromise other accounts.

In addition, the National Cyber Security Centre (NCSC) has warned people not to use the names of their pets in passwords. According to their research, around 15% of the UK populations did this.

The bad passwords on NordPass’s list illustrate some of the bad habits people indulge in. Sequential strings of numbers are short and easy to remember.

Making passwords long and complicated makes them a lot harder to guess and much more difficult for machines to brute force. Passphrases, made up of three or more words, are better than passwords.

Using password managers helps people remember their passwords and can also help generate strong passwords.

Get the latest news from DIGIT direct to your inbox

Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.

We will keep you up to date on the pivotal issues impacting the sector and let you know about key upcoming events to ensure that you don’t miss out on what’s going on across the Scottish tech community.

Click here to subscribe.

Michael Behr

Senior Staff Writer

Latest News

Cryptocurrency Marketing
Digital Transformation Editor's Picks Featured Features
%d bloggers like this: