NordPass recently exposed the worst passwords of 2020 with detail showing how many times a password was used, exposed in data breach and how long it took to guess the password in a brute force attack, where automated attempts to login are underway. NordPass is a password management company. According to the company people are using a most basic password, which can be cracked easily.

After analyzing 275,699,516 passwords, NordPass released a list of the 200 most commonly used passwords used for online accounts in 2020 which are easy to guess. This list of passwords can be easily cracked by attackers in less than a second or two. Besides that, only 44% of those recorded were considered unique.

The list published shows that many people prefer using a weak password even knowing they can be cracked easily. The most popular options among the users were “123456”, “123456789”, “123456789”,” picture1” and “password”. Though the short password “12345” ranked first last year, it’s being used by 188,000 users this year also and ranks in eighth position.

How long does it take to crack the password?

According to research conducted, people prefer to use simple and easy to remember passwords, as well as swear words, numbers, names and food.

Here, the top password “123456” was cracked in less than a second. Similarly, the password which ranked 17th last year which is “111111” has made it to 6th position and the number “123123” raised to 18th from 17th position. Each password was cracked in less than a second.

Similarly, the text password “picture1” is the third most commonly used password. However, it took 3 hours to crack it. Likewise, the password “password“ is the fourth most used text password which was cracked in less than a second.

The top ten passwords in the list can be cracked in 10 seconds or less, while “picture1” being an exception took 3 hours.

Most commonly used Top 50 Passwords of 2020

worst passwords of 2020, commonly used password

How strong is your Password?

password strength

Tips for generating strong passwords?

We use different services on the internet. Some of them are free to use while some are paid. Both the free and paid service providers request users to create an account before using their services. There are few service providers which claim to have followed the strongest password patterns, but what about others? So before creating a password we need to keep a few things in mind and come up with as strong a password as possible.

·       Use a longer password, but don’t use phrases. Instead you can mix up words like “BikeCatSummerPirate”.

·       It is always a good practice to mix-up Uppercases, lowercases, special characters and numbers. Don’t use numbers in a generic way, it’s not wise to use two or three consecutive numbers at the end. But you may put them in the middle. Eg: “cap$78Bamboo1*”

·       Don’t use the same password in different platforms. If someone cracked your password on a single site, all your digital world will be at stake.

·       Test the password you created using the website like PasswordMeter.

Lastly, if you find it hard to remember passwords for different accounts you can use a password locker. RoboForm Free / RoboForm Everywhere, LastPass, Dahlane and Sticky Password are a few good examples of password lockers.


Please enter your comment!
Please enter your name here