Most common passwords: latest 2025 statistics

The Cybernews Investigation team was interested in what kind of most common password patterns everyday people were using in creating their own passwords. We collected data from publicly leaked data breaches, including the Breach Compilation, Collection #1-5, and other databases. We then anonymized the data and detached the passwords so that we could look at that data in isolation and find the most popular passwords and phrases used.

In total, we were able to analyze 15,212,645,925 passwords, out of which only 2,217,015,490 were unique. We discovered some interesting things about the way that people create passwords: their favorite sports teams, cities, food, and even curse words. We could even deduce the probable age of the person by looking at which year they use in their password.

Despite security experts recommending using strong and unique passwords, along with two-factor authentication and password managers for more security, people continue using the weak passwords that even a beginner hacker could crack in a few seconds. Here's what we found.

The top 10 most common passwords list in 2025

1. 123456
2. 123456789
3. qwerty
4. password
5. 12345
6. qwerty123
7. 1q2w3e
8. 12345678
9. 111111
10. 1234567890

Don't want your password to end up on this list? A password manager can help! NordPass offers a password generator for unique, high-security passwords that have at least 8 characters and include numbers, special characters, and both lower- and uppercase letters. The best part is that you’ll no longer have to remember or worry about forgetting your complex passwords – the password manager will keep all of them in one secure place.

How to generate a strong password?

1. Use at least 12 characters, ideally 16 or more
2. Combine numbers, symbols, lowercase, and uppercase letters
3. Never use the same password for different accounts
4. Use a secure password manager to create and safely store strong passwords

Most popular years used in passwords

One of the most interesting things is when we looked at which years from 1900-2020 were the most used by people when they made passwords.

Making a rough assumption, people may generally use years in their passwords to mark:

• their birth year
• the year in which the password was created
• a special year

From our analysis, we see that the most popular year was 2010, with nearly 10 million versions of this year used in passwords. The second most popular used year was 1987 at 8.4 million, and the third was 1991 at nearly 8.3 million.

Looking at the graph in total, there’s a steady increase in usage from around 1940 all the way to 1990. The trend goes down after that, to rise again sharply from 2004 to 2010.

Based on the three general possibilities about why people use years in their passwords, we could make some assumptions:

• The rise from the 1940s to the 1990s correlates to the birth years of the password creators, such that there were more password-creators born in 1980-1990 than those born 1940-1980.
• The spike in ‘2010’ usage in passwords could indicate parents whose child was born in that specific year or other special occasions.
• The spike in ‘2000’ could be birth years, but could also be special years, as it was the turn of the millennium.

The internet’s favorite name as a password

The winner is Eva, but just barely. The second spot is claimed by Alex, which comes in about 50,000 instances less than Eva. After that is Anna, and it tapers down consistently to the #10 most common password name, Daniel.

Both of the least popular names are Darcie and Darcey. Whichever way it’s spelled, it doesn’t seem to be popular.

The world’s favorite sports team – and sport used in creating passwords

Looking at the data for sports teams, we get an idea of not only which the top sports teams around the world are, but also which are the most favored sports.

The number one sports team, at least for the part of the world that speaks English, seems to be the NBA’s Phoenix Suns, followed by the superior Miami Heat. Third up is the MLB’s Cincinnati Reds. Of course, since these are generic terms, there’s a possibility that some of these terms aren’t sports-related – but that’s essentially the risk with all the terms in these statistics.

European football clubs come up three times in the top ten, with Liverpool, Chelsea, and Arsenal taking the #5, #6 and #8 spots, respectively.

In total, we can see that there are five NBA teams, two from MLB, and three European football clubs. From this, we can assume that the NBA is, by far, the most popular basketball league in the world. It's quickly followed by European football, even though some stats show that soccer is number one, and basketball comes in at number 3.

The internet’s favorite curse word as password

Another aspect we were interested in was to see how many passwords contained curse words, and which curse words were favored the most. We found that a total of 152,933,335 passwords contained curse words. Out of 2.2 billion unique passwords, that’s about 7%.

Results show that the Internet’s favorite curse word is “ass” coming in at nearly 27 million usages, followed by “sex” at a little over 5 million. The world’s most flexible ‘F’ word comes in at third place, being used in fewer than 5 million passwords.

The world’s most common city used in passwords

When looking at the data, we see that many users added some variation of their city name to their passwords. Now, before looking at our analysis, we can guess a reason as to why people would do that: pride or love for their city.

Even if it is just a recognition of their birth city, adding that to their passwords would most likely indicate some sort of appreciation for the city, unless it’s something like “ihatephiladelphia2020!”

Coming in at number one is “abu” which would most likely represent the UAE capital Abu Dhabi. The number two city is Rome, the historical capital of Italy.

Third goes to Lima in Peru, followed by “hong” for Hong Kong, and the list continues the trend of international, non-US cities. In fact, only three American cities seem to have ended up on this list: York (as in New York), Austin, and “antonio” for San Antonia, and interestingly the latter are both in Texas.

The top months, days and seasons

According to our research, “summer” is the most popular, and “autumn” is the least. The top weekday is “friday,” while "saturday" is the least used.

And lastly, “may” takes the cake for most popular month, more than twice as popular as the second-most popular “june.” Of course, “may” is also a common word, so there’s a chance the data is a little skewed in that sense. In any case, the warmer months are at the top.

The best food for passwords

Lastly, we’ll look at what food people loved to include in their passwords. Surprisingly, this accounted for only 1.9%, with about 42 million uses.

We found that "ice" is the most commonly used food-related word in passwords. “Ice” could refer to “ice cream” or “iced tea” – but since “cream” isn’t in the top 10, it’s most likely the beverage. The fact that “tea” is #2 only supports my theory. They are followed by “pie” and “nut.”

The least popular food words were “mayonnaise,” “margarine,” and “seasoning.”

The important thing about these popular passwords statistics

It’s particularly hard to make a judgement about whether these elements of a password – whether the year, curse word, sports team, city or else – is necessarily a good thing or a bad thing.

However, we looked at the length of the passwords used, in terms of number of characters used. Unfortunately, most of the passwords used had 8 or fewer characters.

That, combined with the probability that the passwords weren’t too complex – instead made up of easily guessed combinations – leads us to believe that the passwords from these databases weren’t up to standard. There are much better ways to create a strong password.

For example, using “heat” as an element of the password, something easily guessed could be “letsgoheat” (10 characters), while something more complex would be “heatromearsenalhjamesp” (a 22-character passphrase). You can also use our unique password generator tool that generates strong passwords that are almost impossible to crack. People also create strong passphrases using mnemonic devices are better as they usually are long and contain random words that have no logical meaning between each other, hence easier for a person to remember but more complex for an algorithm to crack.

Conclusion: how do I make all my passwords safe?

In order to keep your passwords secure, they all have to be long, complex, and unique. If you follow these rules, you won't be able to remember the passwords. For this reason, we strongly recommend you use password managers to generate and store your strong passwords.

Almost all password managers come with a browser extension that can create or fill in your usernames and passwords for you. The only thing you need to remember is your master password to unlock your vault.

All in all, if you noticed that your own personal passwords have similar patterns to the ones we analyzed, we recommend you to change your passwords with a password generator. You can also visit our Data Leak Checker to see if your email address and other personal data has been exposed in a data breach.