IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Top 200 most common passwords of 2021 revealed

Unsurprisingly, the vast majority take less than a second to crack

The 200 most common passwords used across the world in 2021 have been revealed with '123456' coming out on top, used by more than 100 million individuals.

The team at NordPass evaluated a 4TB password database compiled by independent cyber security researchers investigating various incidents throughout the year across 50 countries.

Years of campaigning for stronger password policies from the cyber security industry seems to have fallen on deaf ears yet again as only two of the global top ten contained characters other than sequential numbers. Although the two outliers were not much better, with 'qwerty' sitting at the fourth spot, just ahead of 'password' at fifth.

With the top 200 passwords also ranked by how quickly they could be cracked by computers, the two most secure passwords in the list, sitting at places 54 and 123 respectively, were 'myspace1' and 'michelle' - each taking 3 hours to crack.

Most of the list would take less than a second to crack, according to NordPass, with honourable mentions going to 'zag12wsx' and 'jennifer' being the only other two to break the one-hour mark, taking one and two hours to crack, respectively.

In the UK, the top 10 passwords used by both men and women were a mix of sequential numbers, riffs on the old classic 'password', football teams, and actual first names.

It would appear Liverpool FC is the most popular team in the world, or the one whose fans are most relaxed about password security - depending on perspective, since it appeared the highest in the list at 121st, and 3rd overall in the UK.

Ferrari and Porsche were the two car manufacturers users trusted the most when it came to choosing their passwords, comfortably beating all the others on the market. 

Dolphins were the most popular animal in many of the 50 countries evaluated by the NordPass team, which also noted men were more likely to use swear words as their passwords than women. 

In a battle of the bands, Metallica outranked Slipknot with 88,453 and 75,204 uses respectively, and One Direction made a comeback to the top 200 in 2021 after falling off the list in 2020.

Related Resource

Container network security guide for dummies

Enforcing Kubernetes best practices

For Dummies style cover with whitepaper title at the topFree download

None of the top 200 passwords of the year are recommended for use if keeping personal data private is a priority, but NordPass offered some tips to achieve greater password security for 2022.

Complex passwords should always be favoured, and these typically contain at least 12 characters with a mix of uppercase and lowercase letters, numbers, and symbols.

Although it can be difficult to track all passwords when they're all different, it is recommended to have different passwords for each website and service used. Password managers can help here as the practice lowers the likelihood of losing access to multiple services in a single breach. 

Updating passwords every 90 days is also a tedious endeavour but can also help in securing digital identities, according to NordPass, and is commonplace in businesses with a strong security posture.

Featured Resources

Three ways manual coding is killing your business productivity

...and how you can fix it

Free Download

Goodbye broadcasts, hello conversations

Drive conversations across the funnel with the WhatsApp Business Platform

Free Download

Winning with multi-cloud

How to drive a competitive advantage and overcome data integration challenges

Free Download

Talking to a business should feel like messaging a friend

Managing customer conversations at scale with the WhatsApp Business Platform

Free Download

Recommended

Inside the password arms race
Sponsored

Inside the password arms race

20 Sep 2022
LastPass breach: CEO says 'no evidence' of customer data being stolen
hacking

LastPass breach: CEO says 'no evidence' of customer data being stolen

26 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to incorporate password protection into your security strategy
Sponsored

How to incorporate password protection into your security strategy

3 Aug 2022

Most Popular

Vodafone UK confirms talks to merge with Three are underway
mergers and acquisitions

Vodafone UK confirms talks to merge with Three are underway

3 Oct 2022
BT's new platform promises to slash AI development time from months to days
artificial intelligence (AI)

BT's new platform promises to slash AI development time from months to days

3 Oct 2022
How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022