Comments on 19 billion passwords show people still bad for them

Your password may smell bad. At least this is what a new research institute shows.

Cybernews researchers studied over 19 billion passwords, with only 6% of them identified as unique passwords, meaning they are not reused or duplicated. Worse, the most common passwords are too simple. 4% of all passwords studied by Cybernews (about 727 million) include the word “1234”. Phrases like “password” and “admin” are also common, meaning people are still relying on preset passwords.

“The 'default password' issue remains one of the most persistent and dangerous patterns in the leaked credential dataset. The entries 'password' (56m) and 'admin' (53m) show that users rely overwhelmingly on simple, predictable default values,” said Neringa Macijauskaitė, an information security researcher on the network. “The attackers also prioritize it, putting these passwords within the least secure range.”

Researchers have also found many passwords that rely on names, or, interestingly, cursed words. For example, 16 million passwords include F bombs.

Research has shown time and time again that we work hard to create passwords. For example, a study covering Mashable late last year, Nordpass found that the most common passwords were very simple.

According to Nordpass, these are the top ten passwords in the world in 2024.

1. 123456

2. 123456789

3. 12345678

4. password

5. Qwerty123

6. QWERTY1

7. 1111111

8. 12345

9. secret

10. 123123

So if you read this article and it seems…a little too familiar, maybe it's time to update your password. At least, don't use “123456”.