The word 'password' is now the most common password in the UK, taking the top sport from last year;'s winner '123456'. Passsword is also the most commonly used password across the world, according to NordPass.
NordPass has just revealed the results of its annual most common passwords research. This year's study looked into password creation trends worldwide and how password usage differs by gender and among 30 researched countries.
For the first time, NordPass also analyzed how pop culture trends influence our password choices. Despite cybersecurity experts' continuous warnings about the consequences of irresponsible password management, internet users were found guilty again. Compared to the data from 2021, 73% of the 200 most common passwords in 2022 remain the same. Furthermore, 83% of the passwords in this year’s list can be cracked in less than a second.
According to NordPass, the most common 20 passwords in the Uk this year are:
1. password
2. 123456
3. guest
4. liverpool
5. qwerty
6. arsenal
7. 123456789
8. password1
9. 12345
10. 12345678
11. chelsea
12. charlie
13. abc123
14. liverpool1
15. Parola12
16. football
17. monkey
18. chocolate
19. yuantuo2012
20. letmein
Overall, the password list of internet users in the UK shows trends that are similar to other countries’ trends.
"Password" is the most loved password in the United Kingdom and globally (used over 4.9 million times). Variations such as "password1" and "password123" are also trending.
People tend to go for convenience: Easy keyboard combinations of numbers, letters, and symbols make most lists worldwide. The UK is no exception here — easily-hackable “123456,” “qwerty,” “abc123,” and other similar passwords are highly popular.
Sports-related passwords are common in most countries. For instance, football team names or variations of them make extremely popular passwords in the UK — “liverpool” is the fourth most common password in the country, “arsenal” ranks sixth, and “chelsea” is 11th.
Using your name to secure your accounts remains a common practice of internet users. In the UK, Charlie, Thomas, Jasper, George, and Jessica were top names used as passwords this year. Globally, this trend is also big: the world's most-used people names for password creation were Daniel, Thomas, Jordan, Michael, Marina, and Jessica.
Pre-configured passwords such as “welcome” and “guest” are also commonly used to secure accounts. While “guest” is the third most common password in the UK, it is the number one pick in the United States.
When it comes to other worldwide trends, researchers noticed that password irritation is also reflected in internet users' picks this year: "f***you," "f***off, "f***you1," and similar passwords were especially notable in Canada, Australia, and the US. On the other hand, loving words are extensively used as well — "iloveyou" and its translations into other languages are highly common passwords in most countries.
Differently from previous years, in 2022, NordPass, in collaboration with independent researchers, analyzed how current events and lifestyle trends inspire our passwords. The company presents which of the world's beloved movies, sports, food, cars, video games, artists, fashion brands, and even swear words are most reflected in passwords.
As an example, "mini," "kia," and "ford" are the most common passwords in the "car" category, and "tiffany," "aldo," and "gap" top the list of fashion brands.
According to Ieva Soblickaite, the Chief Product Officer (CPO) of NordPass, this year, the sample of passwords publicly available for analysis was much smaller compared to previous years.
This trend is not surprising, because passwords are indeed getting harder to breach due to rapidly evolving technologies, says Soblickaite. She explains that more websites are now using Open Authentication 2.0 (OAuth 2.0), the industry standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user, without ever sharing their passwords.
Soblickaite adds that developers have increasingly better skills in password hashing, meaning that password characters are transformed in a way that it takes longer to crack them.
"Multi-factor authentication (MFA) plays a role here too — with broader adoption of this technology, passwords are simply losing their value. Even if you hack a password, you cannot complete the identity authentication if the user has MFA enabled," says Soblickaite.
Tips to secure your passwords
Even though companies implement security measures to protect our accounts, every user still needs to be careful with their passwords. Below are a few essential tips to improve your password "hygiene":
1. Be aware of all accounts that are in your possession. Experts recommend deleting unused accounts and knowing the exact number of those that are active. This way, you can prevent gaps in your password management.
2. Make long, unique passwords, and never reuse them. Complicated combinations of numbers, uppercase, lowercase letters, and symbols make the most robust passwords. Reusing them is never an option — if one account gets hacked, other accounts are at risk.
3. Use a password manager. This technological solution fully encrypts the passwords stored in the vault and allows secure sharing. Many cybersecurity incidents happen because of simple human mistakes — people leave their passwords openly accessible for others and store them in Excel or other unencrypted applications.