© 2021 CyberNews - Latest tech news, product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Most common passwords: latest 2021 statistics

computer common passwords
469
SHARES

With the increasing number of data breaches, taking care of your passwords is as essential as ever. One of the key elements of a strong password is its uniqueness. Therefore, today we present the most commonly used passwords & phrases used in passwords by people around the world.

The CyberNews Investigation team was interested in what kind of most common password patterns everyday people were using in creating their own passwords. We collected data from publicly leaked data breaches, including the Breach Compilation, Collection #1-5, and other databases. We then anonymized the data and detached the passwords so that we could look at that data in isolation and find the most popular passwords and phrases used.

In total, we were able to analyze 15,212,645,925 passwords, of which 2,217,015,490 were unique. We discovered some interesting things about the way that people create passwords: their favorite sports teams, cities, food and even curse words. We could even deduce the probable age of the person by looking at which year they use in their password.

As the data came in various forms, we filtered the results to only include terms that we could make sense of, and from which we could gather some insights.

Note: Use the CyberNews Password Generator to create strong and unique passwords

The top 10 most common passwords worldwide:

Despite security experts recommending to use strong and unique passwords, along with two-factor authentication and password managers for more security, people continue using the weak codes that even a beginner cybercriminal could hack in a couple of moments. Here is the list of 10 most common passwords:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 12345
  6. qwerty123
  7. 1q2w3e
  8. 12345678
  9. 111111
  10. 1234567890

There are a few lists documenting the most commonly used passwords – all of them based on different studies. What all of them have in common is their predictability.

We analyzed 15.2 billion passwords according to different categories of terms used. We’ll go over the most interesting aspects of each category that we looked at.

One of the most interesting things is when we looked at which years from 1900-2020 were the most used by people when they made passwords. 

Making a rough assumption, people may generally use years in their passwords to mark:

  • their birth year
  • the year in which the password was created
  • a special year

From our analysis, we see that the most popular year was 2010, with nearly 10 million versions of this year used in passwords. The second-most popular used year was 1987 at 8.4 million, and the third was 1991 at nearly 8.3 million.

Looking at the graph in total, there’s a steady increase in usage from around 1940 all the way to 1990. The trend goes down after that, to rise again sharply from 2004 to 2010.

Graph of most popular years used in passwords

Based on the three general possibilities about why people use years in their passwords, we could make some assumptions:

  • The rise from the 1940s to the 1990s correlates to the birth years of the password creators, such that there were more password-creators born in 1980-1990 than those born 1940-1980
  • The spike in ‘2010’ usage in passwords most likely doesn’t indicate birth years (that would put those users under 10 years old), but rather a combination of password creation and special year
  • The spike in ‘2000’ could be birth years, but could also be special years, as it was the turn of the millennium

Of course, these are just some speculations we’re making from this dataset. 

The internet’s favorite name as a password

The winner is: Eva, but just barely. The #2 name is Alex, which comes in about 50,000 instances less than Eva. After that is Anna, and it tapers down consistently to the #10 most common password name, Daniel.

Most common names used as passwords

Both of the least popular names – I’m talking bottom two here – are Darcie and Darcey. Whichever way it’s spelled, it doesn’t seem to be popular.

The world’s favorite sports team – and sport used in creating passwords

Looking at the data for sports teams, we get an idea of not only which the top sports teams around the world are, but also which are the most favored sports:

The world’s favorite sports team and sport used in creating passwords

The number one sports team, at least for the English-language world, seems to be the NBA’s Phoenix Suns, followed by the superior Miami Heat (full disclosure: I’m from Miami). Third up is the MLB’s Cincinnati Reds. Of course, since these are generic terms, there’s a possibility that some of these terms aren’t sports-related – but that’s essentially the risk with all the terms in these statistics.

European soccer (football clubs) come in three times in the top ten, with Liverpool, Chelsea and Arsenal taking the #5, #6 and #8 spots, respectively.

In total, we can see that there are five NBA teams, two from MLB, and three European football clubs. From this, we can assume that the NBA is, by far, the most popular sport in the world, followed by European football/soccer (even though some stats show that soccer is number one, and basketball comes in at number 3). 

When we skew our understanding to the English-language world, with a lot of data coming from the US and the West, the findings in our password analysis seem to correlate.

Just for fun, the least popular sports team to use in passwords is “wolverhamptonwanderers,” used just 3 times, which I’m told is pretty accurate based on their overall performance.

Go Sports!

The internet’s favorite curse word as password

Another aspect we were interested in was to see how many passwords contained curse words, and which curse words were favored the most. 

Based on our analysis, a total of 152,933,335 passwords contained curse words. Out of 2.2 billion unique passwords, that’s about 7%. 

Results show that the internet’s favorite curse word is “ass” coming in at nearly 27 million usages, followed by “sex” at a little over 5 million. The world’s most flexible ‘F’ word comes in at third place, being used in fewer than 5 million passwords. 

Below is a table with the top 10 curse words used in passwords:

Most common curse word used a in password

The world’s most common city used in passwords

When looking at the data, we see that many users added some variation of their city name to their passwords. Now, before looking at our analysis, we can guesstimate a reason as to why people would do that: pride or love for their city. 

Even if it is just a recognition of their birth city, adding that to their passwords would most likely indicate some sort of appreciation for the city, unless it’s something like “ihatephiladelphia2020!”

So, which are the most common cities to use in passwords?

most common city names used in passwords

Coming in at number one is “abu” which would most likely represent the UAE capital Abu Dhabi. The number two city is Rome, the fancy capital of Italy. 

Third goes to Lima in Peru, followed by “hong” for Hong Kong, and the list continues the trend of international, non-US cities. In fact, only two American cities seem to have ended up on this list: Austin and “antonio” for San Antonia, and interestingly they’re both in Texas.

The top months, days and seasons

If people were like me, the best month would be July or August, the best day either Friday or Saturday, and the best season obviously summer. Fortunately or unfortunately, the world isn’t composed of copies of me, so let’s see what months, days and seasons people preferred to use most in their passwords.

Top months, days and seasons used in passwords

Well, I’m glad to know that people in the world have some good sense. “summer” is the most popular, and “autumn” is the least. The top weekday is “friday,” but there’s no reason for “saturday” to be at the bottom – common sense would suggest “monday” to be the least popular.

And lastly, “may” takes the cake for most popular month, more than twice as popular as the second-most popular “june.” Yes, of course, “may” is also a common word, so there’s a chance the data is a little skewed in that sense. In any case, the warmer months are at the top, and the absolutely dreadful February is twice as unpopular as the second-last “january.”

The best food for passwords

Lastly, we’ll look at what food people loved to include in their passwords. Surprisingly, this accounted for only 1.9%, with about 42 million uses.

Most common food names used as a password

It seems that the most popular food word is either a delicious food or a delicious beverage. Here, “ice” could refer to “ice cream” or “iced tea” – but since “cream” isn’t in the top 10, it’s most likely the beverage. The fact that “tea” is #2 only supports my theory. They are followed by “pie” and “nut.” 

The least popular food words were “mayonnaise,” “margarine” and “seasoning.”

The important thing about these popular passwords statistics

It’s particularly hard to make a judgement about whether these elements of a password – whether the year, curse word, sports team, city or else – is necessarily a good thing or a bad thing. 

However, we looked at the length of the passwords used, in terms of number of characters used. Unfortunately, most of the passwords used had 8 or fewer characters.

Percentage of passwords based on number of characters used

That, combined with the probability that the passwords weren’t too complex – instead made up of easily guessed combinations – leads us to believe that the passwords from these databases weren’t up to standard. There are much better ways to create a strong password.

For example, using “heat” as an element of the password, something easily guessed could be “letsgoheat” (10 characters), while something more complex would be “heatromearsenalhjamesp” (a 22-character passphrase). You can also use our unique password generator tool that generates strong & random passwords that are almost impossible to crack. People also create strong passphrases using mnemonic devices are better as they usually are long and contain random words that have no logical meaning between each other, hence easier for a person to remember but more complex for an algorithm to crack.

Of course, at this point this conversation has all become moot: the best passwords are the ones that you don’t need to remember at all. For this reason, we normally strongly recommend that people use password managers. These easy-to-use tools will create very complex passwords for you that you don’t even have to remember.

They mostly come as browser extensions that will create or fill in your usernames and passwords for you. The only thing you need to remember is one master password to use the password managers.

Now, if you noticed that your own personal passwords have similar patterns to the ones we analyzed, and that these passwords can be considered rather simple, we recommend you visit our Data Leak Checker to see if your email address and other personal data has been exposed in a data breach. 

The CyberNews Data Leak Checker currently has the largest database of known breached accounts, with more than 15 billion compromised accounts. So, chances are that if your account has been leaked, we’ll probably have a record of it.

Related articles:
Comments 12
  1. possible human says:

    What does qwerty mean???

    • steve cury says:

      look at your keyboard and then you will find the answer

    • rachellll says:

      its the first six letters on a standard keyboard it goes: q w e r t y u i o p, then underneath, a s d f g h j k l, then finally, z x c v b n m

  2. Nikoli says:

    My passwords are in Greek, Latin, Hawaiian, Japanese, and two of them contain chemical formulae, plus an outer-
    space phenomenon. Plus certain dates, and now I will change all of those! Is that better?

    • sdsdfsdfsfd says:

      does not help. see pass the hash attacks and hash theft
      qwe

  3. OJT says:

    Considering the number of horrific things done in the name of someone’s god, including curses?
    Not too difficult to figure out.

  4. MAbdullah says:

    How could someone categories the word God as a curse? 😡

    • Jay M Terrell says:

      It’s what comes after it. And I don’t mean Hoover.

  5. a says:

    yeah i aagree

  6. Alan Phukewe says:

    Who in the world considers “sex”, “seyx”, “butt”, “god” or “cow” curse words? You really need to get out more.

    • Dave K says:

      How did you know my password was SexyButtCowGod1 ?

      • poison says:

        down bad 💀

Leave a Reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Subscribe for security tips and CyberNews updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!

© 2020 CyberNews – Latest tech news, product reviews, and analyses.