The only thing standing between you and your valuable information, in most cases, is a password. So why on Earth is the most common password still ‘password’?
VPN provider NordVPN every year releases a report on the 200 most common passwords. This year, despite growing cybersecurity awareness, old habits are clearly dying hard.
The number one most common password, used by 4.9 million people (there’s more, this is just from the data NordVPN had access to), is password. Unsurprisingly, given the global stats, password is also the most used password in Australia. Not even a capital ‘P’ or a zero in place of the ‘o’. Come on, people.
When we drill into the top 20 most common passwords in Australia, coming in second to password is 123456, then 1234.
20 most common passwords
- password
- 123456
- 1234
- samanthas
- qwerty
- 12345
- rodneyb1
- work
- 123456789
- 12345678
- mine
- jamalsaumay
- soleil
- password1
- benjibabe
- abc123
- amour
- charlie
- guest
- holden.
I have questions about ‘benjibabe’.
Fixing your bad password
It’s safe to say the best thing to do is change your password if it features on this list. If it doesn’t, website Have I Been Pwned offers a service to check if your password is equally as bad.
As we detailed in our guide of how to check if your data has been caught up in a data breach, we mentioned Have I Been Pwned’s password search that allows you to check if your password has shown up in any data breaches that are on the radar of the security community.
A case for a password generator
It’s often difficult to cook up a high-quality password for an account that you don’t want compromised – that’s why password generators exist. Password generators often produce decent passwords (at least passwords that aren’t password and aren’t at all among the most common ones used) comprising a string of letters, numbers and symbols in random orders. The idea is that because they’re so random without much rhyme or reason between each character that it should be more difficult for your account to be penetrated.
There’s a tonne out there, but we recommend Google Chrome’s inbuilt password generator. Provided that you’re signed in to Chrome with a Google account, all you need to do is travel to a website where you’re signing up for an account, click the password text box and click “Suggest Strong Password”. Chrome will generate a password for you quickly.
Alternatively, NordPass, KeePass and Strong Password Generator are also worth checking out, considering they’re free and also offer greater features than the inbuilt Chrome generator.
We’ve also got a complete guide to not getting hacked, if you’re interested in not being hacked. Either way, stop using ‘password’ as a password, people.
This article has been updated since it was first published.