Using a bad password is sort of akin to leaving your garage door wide open while away on vacation—you're just making it too easy for any passerby who is up to no good. And by "bad" I don't mean vulgar, but weak passwords that are easy to crack. Like "123456," the most common password of 2020.
That specific password, which is only slightly better than the one Dark Helmet uses on his luggage, was exposed over 23 million times in 2020, according to a list compiled by NordPass (opens in new tab), makers of the one of best VPNs for gaming (opens in new tab). It's followed by "123456789," "picture1," "password," and "12345678" to round out the top five most commonly used passwords.
The full list is 200 entries long and mostly what you would expect—incredibly dumb passwords, most of which can be cracked in less than a second, according to NordPass. And I'm sure they're mostly used as one-off throwaways, like when you're trying to access an article or site and are required to create an account to do so.
Be that as it may, you just know some people actually use these passwords for more important accounts. It's impossible to know how many, but the sheer volume leaves little doubt. For example, NordPass found over 2.5 million people used "123456" in 2020.
"According to research, the majority of people use simple and easy-to-remember passwords, because it’s convenient. But the problem is that most memorable passwords are highly vulnerable to cracking," NordPass says.
Interestingly, there are some new entries rather high on the list. One of them is "senha" in the number 10 spot, as ranked by how many people have used it (167,728). It takes 10 seconds to crack that one. And "picture1" is also new, ranking as the third most used password. That one takes three hours to crack, based on whatever criteria NordPass is using to make that determination.
A few of the other new entries include "Million2" (No. 14), "aaron431" (No. 18), "qqww1122" (No. 20), and "omgpop" (No. 22).
Using strong and different passwords on accounts that are even remotely important is highly advised. NordPass offers an online password generator (opens in new tab) if you need help. I'd also suggest to enable two-factor authentication (2FA) wherever possible, for an added layer of protection.