Chances are that if a password is easy for you to remember, a hacker can easily crack it. And despite years (and years) of tech companies warning consumers to use hard-to-crack passwords, plus two-factor authentication, people are still using laughably insecure codes.

Of NordPass' 200 most used passwords for 2020, the top three are 123456, 123456789, and picture1. Next on the list is just "password," but various number combinations, as well as qwerty, abc123, and Million2 also make the list. You should also avoid iloveyou, omgpop, ashley, chatbooks, princess, sunshine, dragon, and pokemon as passwords.

NordPass worked with a third-party provider to evaluate a database containing 275,699,516 passwords. Of those, only 122,894,788, or 44%, were unique. The others were repeats of common, easy-to-remember passwords that leave users highly vulnerable to online threats. Only 78 out of 200 of the most used-passwords this year were new.

If your password is among the top 200, NordPass cybersecurity expert Chad Hammond encourages you to change it immediately. “Most of these passwords can be hacked in less than a second,” says Hammond. “Also, they have already been exposed in previous data breaches. For example, the most popular password, ‘123456,’ has been breached 23,597,311 times.”

So what can you do to strengthen your security? Use complex passwords and store them in a password manager; some are free. Keeper, LastPass, and Dashlane are PCMag Editors' Choice password managers. You should also use two-factor authentication where available.

Here are the top 20 most common passwords for 2020; check out the full list here.

  • 123456
  • 123456789
  • picture1
  • password
  • 12345678
  • 111111
  • 123123
  • 12345
  • 1234567890
  • senha
  • 1234567
  • qwerty
  • abc123
  • Million2
  • 000000
  • 1234
  • iloveyou
  • aaron431
  • password1
  • qqww1122


PC Magazine