© 2021 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Most common passwords: latest 2021 statistics

18

Data breaches and cyber attacks are becoming more and more common. In order to keep your online identity and private information safe, taking care of your passwords is as essential as ever.

One of the key elements of a strong password is its uniqueness. But some passwords are anything but that. Here are the most commonly used passwords & phrases used in passwords by people around the world.

The top 10 most common passwords list:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 12345
  6. qwerty123
  7. 1q2w3e
  8. 12345678
  9. 111111
  10. 1234567890

Don't want your password to end up on this list? A password manager can help! They generate unique, high-security passwords you don't have to remember, and keep them in one safe place.

Secure & intuitive - best for new users
NordPass is the password manager to choose if you value security and ease of use. Get it now at up to 70% off!
Save 70%
$ 1.49 /mo
$4.99/mo
30-days money-back guarantee

Despite security experts recommending using strong and unique passwords, along with two-factor authentication and password managers for more security, people continue using the weak codes that even a beginner cybercriminal could hack in a couple of moments.

There are a few lists documenting the most commonly used passwords – all of them based on different studies. What all of them have in common is their predictability.

How we collected the most common passwords?

The CyberNews Investigation team was interested in what kind of most common password patterns everyday people were using in creating their own passwords. We collected data from publicly leaked data breaches, including the Breach Compilation, Collection #1-5, and other databases. We then anonymized the data and detached the passwords so that we could look at that data in isolation and find the most popular passwords and phrases used.

In total, we were able to analyze 15,212,645,925 passwords, of which 2,217,015,490 were unique. We discovered some interesting things about the way that people create passwords: their favorite sports teams, cities, food and even curse words. We could even deduce the probable age of the person by looking at which year they use in their password.

Most frequent things in passwords

In order to create simple, memorable combinations for their websites, many people choose to connect them to something that they can easily recall. But that doesn't make the password unique: actually, it's quite the opposite!

During our research, we analyzed over 15 billion entries and separated them into different categories and terms. These right here are some of the most common things used in passwords – if you use something like this in your own combinations, you might want to think twice.

One of the most interesting things is when we looked at which years from 1900-2020 were the most used by people when they made passwords.

Making a rough assumption, people may generally use years in their passwords to mark:

  • their birth year
  • the year in which the password was created
  • a special year

From our analysis, we see that the most popular year was 2010, with nearly 10 million versions of this year used in passwords. The second-most popular used year was 1987 at 8.4 million, and the third was 1991 at nearly 8.3 million.

Looking at the graph in total, there’s a steady increase in usage from around 1940 all the way to 1990. The trend goes down after that, to rise again sharply from 2004 to 2010.

Graph of most popular years used in passwords

Based on the three general possibilities about why people use years in their passwords, we could make some assumptions:

  • The rise from the 1940s to the 1990s correlates to the birth years of the password creators, such that there were more password-creators born in 1980-1990 than those born 1940-1980
  • The spike in ‘2010’ usage in passwords most likely doesn’t indicate birth years (that would put those users under 10 years old), but rather a combination of password creation and special year
  • The spike in ‘2000’ could be birth years, but could also be special years, as it was the turn of the millennium

Of course, these are just some speculations we’re making from this dataset.

The internet’s favorite name as a password

The winner is: Eva, but just barely. The #2 name is Alex, which comes in about 50,000 instances less than Eva. After that is Anna, and it tapers down consistently to the #10 most common password name, Daniel.

Most common names used as passwords

Both of the least popular names – I’m talking bottom two here – are Darcie and Darcey. Whichever way it’s spelled, it doesn’t seem to be popular.

The world’s favorite sports team – and sport used in creating passwords

Looking at the data for sports teams, we get an idea of not only which the top sports teams around the world are, but also which are the most favored sports:

The world’s favorite sports team and sport used in creating passwords

The number one sports team, at least for the English-language world, seems to be the NBA’s Phoenix Suns, followed by the superior Miami Heat (full disclosure: I’m from Miami). Third up is the MLB’s Cincinnati Reds. Of course, since these are generic terms, there’s a possibility that some of these terms aren’t sports-related – but that’s essentially the risk with all the terms in these statistics.

European soccer (football clubs) come in three times in the top ten, with Liverpool, Chelsea and Arsenal taking the #5, #6 and #8 spots, respectively.

In total, we can see that there are five NBA teams, two from MLB, and three European football clubs. From this, we can assume that the NBA is, by far, the most popular sport in the world, followed by European football/soccer (even though some stats show that soccer is number one, and basketball comes in at number 3).

When we skew our understanding to the English-language world, with a lot of data coming from the US and the West, the findings in our password analysis seem to correlate.

Just for fun, the least popular sports team to use in passwords is “wolverhamptonwanderers,” used just 3 times, which I’m told is pretty accurate based on their overall performance.

Go Sports!

The internet’s favorite curse word as password

Another aspect we were interested in was to see how many passwords contained curse words, and which curse words were favored the most.

Based on our analysis, a total of 152,933,335 passwords contained curse words. Out of 2.2 billion unique passwords, that’s about 7%.

Results show that the internet’s favorite curse word is “ass” coming in at nearly 27 million usages, followed by “sex” at a little over 5 million. The world’s most flexible ‘F’ word comes in at third place, being used in fewer than 5 million passwords.

Below is a table with the top 10 curse words used in passwords:

Most common curse word used a in password

The world’s most common city used in passwords

When looking at the data, we see that many users added some variation of their city name to their passwords. Now, before looking at our analysis, we can guesstimate a reason as to why people would do that: pride or love for their city.

Even if it is just a recognition of their birth city, adding that to their passwords would most likely indicate some sort of appreciation for the city, unless it’s something like “ihatephiladelphia2020!”

So, which are the most common cities to use in passwords?

most common city names used in passwords

Coming in at number one is “abu” which would most likely represent the UAE capital Abu Dhabi. The number two city is Rome, the fancy capital of Italy.

Third goes to Lima in Peru, followed by “hong” for Hong Kong, and the list continues the trend of international, non-US cities. In fact, only two American cities seem to have ended up on this list: Austin and “antonio” for San Antonia, and interestingly they’re both in Texas.

The top months, days and seasons

If people were like me, the best month would be July or August, the best day either Friday or Saturday, and the best season obviously summer. Fortunately or unfortunately, the world isn’t composed of copies of me, so let’s see what months, days and seasons people preferred to use most in their passwords.

Top months, days and seasons used in passwords

Well, I’m glad to know that people in the world have some good sense. “summer” is the most popular, and “autumn” is the least. The top weekday is “friday,” but there’s no reason for “saturday” to be at the bottom – common sense would suggest “monday” to be the least popular.

And lastly, “may” takes the cake for most popular month, more than twice as popular as the second-most popular “june.” Yes, of course, “may” is also a common word, so there’s a chance the data is a little skewed in that sense. In any case, the warmer months are at the top, and the absolutely dreadful February is twice as unpopular as the second-last “january.”

The best food for passwords

Lastly, we’ll look at what food people loved to include in their passwords. Surprisingly, this accounted for only 1.9%, with about 42 million uses.

Most common food names used as a password

It seems that the most popular food word is either a delicious food or a delicious beverage. Here, “ice” could refer to “ice cream” or “iced tea” – but since “cream” isn’t in the top 10, it’s most likely the beverage. The fact that “tea” is #2 only supports my theory. They are followed by “pie” and “nut.”

The least popular food words were “mayonnaise,” “margarine” and “seasoning.”

The important thing about these popular passwords statistics

It’s particularly hard to make a judgement about whether these elements of a password – whether the year, curse word, sports team, city or else – is necessarily a good thing or a bad thing.

However, we looked at the length of the passwords used, in terms of number of characters used. Unfortunately, most of the passwords used had 8 or fewer characters.

Percentage of passwords based on number of characters used

That, combined with the probability that the passwords weren’t too complex – instead made up of easily guessed combinations – leads us to believe that the passwords from these databases weren’t up to standard. There are much better ways to create a strong password.

For example, using “heat” as an element of the password, something easily guessed could be “letsgoheat” (10 characters), while something more complex would be “heatromearsenalhjamesp” (a 22-character passphrase). You can also use our unique password generator tool that generates strong & random passwords that are almost impossible to crack. People also create strong passphrases using mnemonic devices are better as they usually are long and contain random words that have no logical meaning between each other, hence easier for a person to remember but more complex for an algorithm to crack.

Conclusion: how do I make all my passwords safe?

In order to keep your passwords secure, they all have to be unique and difficult to crack. In truth, the best passwords are the ones that you don’t need to remember at all. For this reason, we normally strongly recommend that people use password managers. These easy-to-use tools will create very complex passwords for you that you don’t even have to remember.

They mostly come as browser extensions that will create or fill in your usernames and passwords for you. The only thing you need to remember is one master password to use the password managers.

Now, if you noticed that your own personal passwords have similar patterns to the ones we analyzed, and that these passwords can be considered rather simple, we recommend you visit our Data Leak Checker to see if your email address and other personal data has been exposed in a data breach.

The CyberNews Data Leak Checker currently has the largest database of known breached accounts, with more than 15 billion compromised accounts. So, chances are that if your account has been leaked, we’ll probably have a record of it.

Best password managers

Comments
Karen M Ricci
Karen M Ricci
prefix 13 days ago
Interesting status!
EKNES, BRET
EKNES, BRET
prefix 15 days ago
I don't use these kinds of passwords.
Lisa Becking
Lisa Becking
prefix 15 days ago
First time this year that I feel like I am actually doing something right.
Aaron
Aaron
prefix 1 month ago
How come "Cow" is a badword?
anonymousUserLikesJS
anonymousUserLikesJS
prefix 1 day ago
might be the fact that sometimes people say "you cow" or something like that instead of "you idiot"
possible human
possible human
prefix 3 months ago
What does qwerty mean???
rachellll
rachellll
prefix 3 months ago
its the first six letters on a standard keyboard it goes: q w e r t y u i o p, then underneath, a s d f g h j k l, then finally, z x c v b n m
steve cury
steve cury
prefix 3 months ago
look at your keyboard and then you will find the answer
VIVAN
VIVAN
prefix 14 days ago
The first 6 letters in the keypad
Nikoli
Nikoli
prefix 3 months ago
My passwords are in Greek, Latin, Hawaiian, Japanese, and two of them contain chemical formulae, plus an outer-
space phenomenon. Plus certain dates, and now I will change all of those! Is that better?
sdsdfsdfsfd
sdsdfsdfsfd
prefix 3 months ago
does not help. see pass the hash attacks and hash theft
qwe
OJT
OJT
prefix 4 months ago
Considering the number of horrific things done in the name of someone’s god, including curses?
Not too difficult to figure out.
MAbdullah
MAbdullah
prefix 5 months ago
How could someone categories the word God as a curse? 😡
Jay M Terrell
Jay M Terrell
prefix 4 months ago
It’s what comes after it. And I don’t mean Hoover.
a
a
prefix 8 months ago
yeah i aagree
Alan Phukewe
Alan Phukewe
prefix 10 months ago
Who in the world considers “sex”, “seyx”, “butt”, “god” or “cow” curse words? You really need to get out more.
Dave K
Dave K
prefix 7 months ago
How did you know my password was SexyButtCowGod1 ?
poison
poison
prefix 6 months ago
down bad 💀
Leave a Reply

Your email address will not be published. Required fields are marked