In today’s digital world, your password is your first line of defense. Yet, millions of people still rely on weak, easily guessed passwords like "123456" or "password", leaving their accounts wide open to cybercriminals.
While cybersecurity experts push for safer alternatives like passkeys, passwords are still an essential part of daily digital life.
However, a new anyIP analysis based on NordPass' annual review reveals that weak and predictable passwords are still alarmingly common, leaving users vulnerable to increasingly sophisticated cyberattacks, reports ZAP.
The Most Vulnerable Passwords of 2024
Using data from NordPass' annual review, anyIP identified the 200 weakest passwords of the year. As expected, the most commonly used—and easiest to hack—passwords included:
123456 – Used over 112 million times worldwide.
123456789 – Slightly longer, but just as insecure, with over 50 million uses globally.
password – Still widely used in countries like the UK, Australia, and the US.
qwerty – A predictable keyboard pattern popular in Canada, Lithuania, and Norway.
According to Forbes and Trend, nearly 50% of the most commonly used passwords follow basic numeric or pattern-based sequences, making them highly vulnerable to automated hacking tools.
Beyond the obvious weak passwords, researchers also found that people frequently use pop culture references and common words that hackers can easily guess.
Some of the most surprising entries on the list include: secret, iloveyou, football, princess, superman, computer, killer, liverpool, batman, chelsea, facebook, cheese, naruto, minecraft, and pokemon.
Even though these may seem unique, they are widely used and often included in hacker databases, making them just as unsafe.
"Hackers are increasingly using advanced tools to break into accounts in seconds," warns Khaled Bentoumi, co-founder of anyIP. "Relying on weak passwords is like leaving the front door unlocked."
How to Protect Yourself
Cybersecurity experts strongly recommend switching to passkeys, which use randomized authentication and are much harder to compromise. However, if you must use passwords, follow these guidelines:
Use a password manager to generate and store complex, unique passwords.
Never reuse passwords across multiple accounts.
Avoid common words or number sequences like password or 123456.
With cyber threats evolving rapidly, taking simple precautions can prevent security breaches.
