Password manager NordPass has published its annual Most Common Passwords report, covering not only the most popular passwords globally but also the passwords in 50 different countries, as well as the most common passwords among men and women in every single country.
Here are the main takeaways from the research:
Passwords vary greatly in different locales and among genders. Local cultural references can be found in every country, from local football team names (for example, “steelers” in the US, “liverpool” in the UK, “colocolo” in Chile, “nacional” in Brazil, “sparta” in Czech Republic, “marseille” in France, “schalke04” in Germany, “olympiakos” in Greece, and many more) to famous local beverage names (“guinness” in Ireland) and religious passwords (“christ” in Nigeria, “bismillah” in Saudi Arabia).
For South Africa, the most common passwords included easy-to-remember number patterns and people’s names. The full list of 200 weakest passwords is here.
The top 20 were as follows:
With regard to the differences among genders, the research has revealed interesting trends in various countries. For example, women tend to use such music-related passwords as “onedirection” or “justinbieber”, whereas men used such bands as “metallica” and “slipknot”.
Another difference spotted among genders was that, overall, women used more positive and loving words, such as “sunshine” or “iloveyou”. While in some countries men used such passwords too, they were generally in lower positions or not as many variations were used.
Men tend to use more sports, especially football-related passwords. In some countries, men also used more swear words than women, said NordPass.
There were many similarities among countries. Easy number combinations, such as the winning “123456”, are popular everywhere in the world. In fact, “123456” was the most popular password in 43 countries out of the 50 analyzed, but the top passwords in the remaining seven countries were not that different: in India, the top password was the word “password”, Indonesia — “12345”, Japan — “password”, Portugal — “12345”, Spain — “12345”, Thailand — “12345”, Ukraine — “qwerty”.
“Qwerty” and variations of it, or the localized versions of “qwerty” (for example, “azerty” in French-speaking countries, “qwertz” in German) are also popular in all the analyzed countries, the password management company said.
The report also devised a risk index that sorts countries into three risk tiers: low, average, and high. The index has been devised according to the number of passwords leaked per capita. Russia tops this ranking, while the US comes fifth — one of the highest volumes of passwords leaked per capita (5.157).
“Unfortunately, passwords keep getting weaker, and people still don’t maintain proper password hygiene,” said Jonas Karklys, CEO of NordPass. “It’s important to understand that passwords are the gateway to our digital lives, and with us spending more and more time online, it’s becoming enormously important to take better care of our cybersecurity.”
What do cybersecurity experts advise?
- Use strong and unique passwords for every account. If you spotted your password on this list, change it immediately.
- Use MFA (multi-factor authentication) wherever possible, whether that’s a phone message or a fingerprint.
- Monitor your accounts for suspicious activity so you can spot a data breach early on.