Secure Passwords

Most Common Passwords: Why They Aren't Safe

Author
Martin Gschwentner
Last update
27. Jun 2022

How many passwords do you have? The quicker your answer, the worse things likely are. In a perfect world, every account you use should have its own, unique password. However, because of convenience, laziness, ignorance, or some combination of them, many people recycle passwords or use shockingly easy ones.

Below, we'll introduce you to the most commonly used passwords, explain why they are to be avoided at all costs, and advise you on how to better secure and protect yourself and your accounts.

The Most Common Passwords Worldwide

NordPass, in collaboration with independent cybersecurity researchers, released a list of the Top 200 most common passwords in 2021 . Their Top 10 is just as shocking as that of the NCSC:

Most Common Passwords in 2021 (Worldwide)

1

123456

2

123456789

3

12345

4

qwerty

5

password

6

12345678

7

111111

8

123123

9

1234567890

10

1234567

The classic "123456" remains the undisputed king of the worst passwords.

Why Popular Passwords Aren't Safe

Popular passwords like "123456", "password", or "qwerty" are appealing since they're easy to remember. They can also readily be found just by looking at your keyboard. Since accounts are required for just about everything you want to do online these days, few have the time to create (and notate) a strong, unique password for each.

However, convenience cuts both ways: The easier a password is for you to remember, the less difficulty a cyber criminal will have overcoming it, for example, through brute force attacks. And, supposing that you use the same password over and over again, a hacker just needs to guess right once, in order to unlock each account you protected with the same email address, account name, and password combination.

How to Protect Yourself

To put things into perspective: The most common passwords can be easily cracked in less than a second. Don't use them for anything. Instead, take the following steps to equip your accounts with the best possible defenses against unwanted access.

Safe, Complex Passwords

A powerful password is any account's first line of defense. To make one, keep the following in mind:

  • The longer, the better
    According to the National Institute of Standards and Technology, a secure password should be at least 8 characters in length. The longer your password is, the more difficult it will be to crack.
  • Use all types of characters
    The most common passwords either rely on numbers, letters, or a combination of the two. Formidable passwords go beyond this, including upper-case letters, as well as special characters like ?, !, {, or _.
  • Stay away from easy to remember phrases
    While you might feel tempted to type out a phrase or string of words with a particular meaning, don't! Birthdays or names of family members can be easily sussed out with research.
  • Make it unique
    Even the safest password shouldn't be used more than once for the simple reason that if it's leaked, it will be compromised wherever it was used. Data leaks, which you can do nothing to prevent, offer criminals golden opportunities to expand their illicit activities and overwhelm even the most imposing cyber defenses.

You can use EXPERTE.com's password checker to see how safe your current passwords are. Should you not be satisfied with the results, then head over to our password generator to create safe passwords according to stringent criteria.

In the event that you want to take your password security to the next level and fashion a unique, complex password for each account you have, there are few better tools than a password manager. We'll discuss these in greater detail below, but for now, suffice it to say that they automatically create secure, unique passwords and auto-complete login forms.

Two-Factor Authentication

A cracked password isn't the end of the world, so long as you've activated two-factor authentication. Even with the right password, those logging in, either from a new or recognized device, will need to supply a second form of authentication, such as a code delivered via text message.

Whenever offered, we recommend using this means of protection, especially for logins from unrecognized devices.

Regular Leak Cheaks

Every now and then businesses fall prey to hackers, or lose data in other ways. This can include secure passwords, instantly compromising them at absolutely no fault of your own.

To find out whether your email address has been inadvertently released in the past, use HaveIBeenPwned's email leak checker . Should you have been "pwned", immediately change the password for that account to something not used anywhere else.

The Best Password Managers From EXPERTE.com's Assessment

Password managers offer the easiest way to protect every digital account you have with a robust, unique password. But that's only one of the benefits they offer: You can use them to automatically fill out login and other forms with just a mouseclick, store sensitive documents in their vaults, and create secure notes.

You won't ever need to worry about how safe your passwords are again if using a password manager.

You'll only have to remember a single password, the so-called master password. With this, you can access your password manager's vault, where all of your other passwords and sensitive documents are stored.

A wide selection of such programs exists, so, to help in making up your mind, we looked at 12 of the best password managers in our comprehensive EXPERTE.com comparison. Here are our favorites

1.

Dashlane

Best Overall 2023
Dashlane Password Manager
Dashlane Password Manager
(204,101 )
Dashlane is a great all-rounder that makes managing your logins and other account details as easy as pie thanks to its many features, a strong security posture, and an easy-to-use interface.
user friendly and intuitive
zero-knowledge encryption
comprehensive security center
automatic password changer
built-in VPN
9.1
excellent
Passwords
unlimited
Devices
1 - ∞
Users
1 - ∞
Contract Period
0 - 12 months
Dashlane Free
$0.00
monthly price
Visit Website »
Try for free

Dashlane emerged at the top of our EXPERTE.com comparison since it does everything just a bit better than its competitors. The web app's user interface is particularly intuitive, and the provider offers plenty of features. We especially liked the automatic password changer, which makes it possible to swap out weak passwords for most services with just a few clicks.

Beyond that, the password manager showed itself to be highly reliable when automatically filling out online forms, whether in a browser or on a mobile device. And the cherry on top? Dashlane is priced competitively.

Review
9.1
excellent
Visit Website
Check Review
Mobile Usage
9.4 / 10
Support
9.4 / 10
Features
9.4 / 10
Security
9.4 / 10
Installation & Usage
8.0 / 10
2.

1Password

1Password Password Manager
1Password Password Manager
(17,232 )
1Password's password vault is filled to the brim with features, including handy extras such as the travel mode. With excellent security and a solid user interface on top, 1Password is one of the best password managers out there.
zero-knowledge encryption
reliable autofill function
handy travel mode
14 days free trial
no free version
8.7
good
Passwords
unlimited
Devices
unlimited
Users
1 - ∞
Contract Period
12 months
1Password Standard
$2.99
monthly price
Visit Website »
Free 30 days trial

1Password finished just behind Dashlane in 2nd place. Developed by AgileBits, this password manager got our nod of approval in terms of security, offering several features which its competitors lack. These include travel mode and the locally-generated 128-bit 'Secret Key', which you'll need to log in from a new device.

Another positive was the variety of data set templates on offer. You can store a copy of your passport, driving license, or even hunting permits. In terms of the essentials, 1Password has everything covered as well.

Review
8.7
good
Visit Website
Check Review
Features
9.4 / 10
Security
9.4 / 10
Installation & Usage
8.6 / 10
Mobile Usage
8.6 / 10
Support
7.4 / 10
3.

Keeper

Keeper Password Manager
Keeper Password Manager
(263,048 )
Keeper is one of the best password managers on the market thanks to its many features, high reliability, and extensive configuration options.
customizable autofill
intuitive folder structure
good business plans
autofill for apps
no free version
8.7
good
Passwords
unlimited
Devices
unlimited
Users
1 - ∞
Contract Period
12 months
Keeper Security Unlimited
$2.04
monthly price
Visit Website »
Download Keeper

Whether on your desktop or smartphone, Keeper offers a highly user-friendly experience. Particularly impressive was the free hand it grants in creating data sets, adding user-defined fields, or password-protecting specific entries with one-time passwords.

We didn't encounter any issues with autofill when using Keeper, and the browser extension's options are fairly comprehensive. In light of all of the above, Keeper is one of the best password managers out there.

Review
8.7
good
Visit Website
Check Review
Mobile Usage
9.4 / 10
Features
9.4 / 10
Security
8.6 / 10
Installation & Usage
8.0 / 10
Support
8.0 / 10
4.

NordPass

NordPass Password Manager
NordPass Password Manager
(11,194 )
NordPass stands out with its beautiful design and ease of use, and offers a fully-fledged free version that allows you to create and synchronize an unlimited number of passwords.
easy to use
flawless user interface
reliable autofill
full-featured free version
few options for customizing data sets
8.5
good
Passwords
unlimited
Devices
1 - ∞
Users
1 - 250
Contract Period
0 - 24 months
NordPass Free
$0.00
monthly price
Visit Website »
30-day money-back guarantee

NordPass, the password manager brought to you by the same people behind NordVPN, made an excellent first impression with its generous free version. This doesn't have any data set limits, making it possible to save an unlimited number of passwords without paying a cent.

Apart from that, NordPass has an elegant user interface, reliable autofill, and well-functioning data import features.

Review
8.5
good
Visit Website
Check Review
Installation & Usage
9.4 / 10
Mobile Usage
8.6 / 10
Security
8.6 / 10
Support
8.0 / 10
Features
8.0 / 10
5.

Bitwarden

Bitwarden Password Manager
Bitwarden Password Manager
(51,572 )
Bitwarden can impress with easy-to-use apps, reliable autofill, and a few handy security features. Plus, it's pretty affordable – and offers a solid, feature-rich free plan.
user-friendly applications
good security, externally tested
Self-Hosting possible
low price
paid features (e.g. password sharing)
8.4
good
Passwords
unlimited
Devices
unlimited
Users
1 - ∞
Contract Period
0 - 12 months
Bitwarden Free
$0.00
monthly price
Visit Website »

Bitwarden also makes friends quickly with its free version lacking data or sync limits. In comparison to most password managers, its premium version is a real bargain as well.

Wherever you use the service on your desktop, via its smartphone app, browser extension, or web interface, Bitwarden is highly intuitive. Our only complaint was that it's necessary to pay extra for most features, such as password sharing, even with a premium subscription.

All the same, Bitwarden is a great password manager.

Review
8.4
good
Visit Website
Check Review
Installation & Usage
9.4 / 10
Security
9.4 / 10
Features
8.6 / 10
Mobile Usage
7.4 / 10
Support
7.4 / 10

Conclusion

As we've shown above, despite all of the cyberattacks, hacking, and identity theft plaguing the world, people still use weak and common passwords to protect sensitive and valuable information. A secure password should be at least eight characters long and include numbers, upper- and lower-case letters, and special characters. Passwords should be unique and only used for a single account.

Of course, remembering dozens, let alone hundreds of intricate and different passwords would be a challenge for anyone, making password managers an option worth seriously considering. These web-based programs automatically create secure passwords, storing them in a nearly impregnable digital database. All you'll have to do is remember a single master password, which grants you access to your vault.

In addition to secure passwords, you should also enable two-factor authentication whenever a service you've registered with offers it. We also recommend regularly checking whether your email address has been compromised in any data leaks. Whenever unsure, you can see whether any password you're using has been inadvertently released as well with our EXPERTE.com password checker.

Author ( German Version) : Martin Gschwentner
Martin Gschwentner majored in American Studies and Media Studies in Germany, the USA and France and works as a freelance editor in Paris. He is a doctoral student at the Institute for English and American Studies at the University of Paris Diderot, where he is researching the influence of money on US politics. On EXPERTE.com he writes about IT security, data protection and software for the self-employed and small businesses.
Translator & Editor: D Bare
Continue Reading
Other languages