Special Report

The Most Used Passwords in the World and How Long They Take to Crack

The internet has been around long enough that it’s difficult to comprehend why many people still use simple passwords to access their cybersecure online spaces. Is it because making easy-to-recall passwords is a hard habit to kick, or that certain online accounts aren’t worth protecting in the eyes of the netizens that use them?

Whatever the case may be, the latest list of the most common passwords used by people in 30 countries shows that millions of accounts can be cracked in less than a second by anyone with rudimentary knowledge of cybersecurity and the right software tools.

To compile a list of the most common passwords in the world in 2022 and how long they take to crack using dedicated software, 24/7 Tempo reviewed an updated study by NordPass, a proprietary password manager. NordPass worked with  independent researchers specializing in research of cybersecurity incidents in 30 countries. (These are the countries with the most leaked passwords.)

The majority of the most common passwords are combinations of numbers, from a simple “0” to “123456789.” What’s interesting about these numbers-only passwords is that cracking software takes less than a second to identify any numeric combination, so the number of numbers, or their order, makes no difference.

Using only lowercase letters doesn’t make much difference, either. The most common password is “password,” which is used for millions of online logins, and it can be identified as quickly as numbers-only combinations. The same applies for “qwerty,” the first six letters in the top row of a standard English keyboard, and “azerty,” presumably used by people who think “qwerty” is too simplistic. Curiously, the password “guest” takes longer for software to identify – 10 seconds. (Compare this list with the most common passwords in America and how long they take to crack.)

Adding an uppercase letter to a letters-only password is also fairly pointless. One of the most common passwords is “Gizli,” which Google says is Turkish for “hidden.” Like “guest,” it takes only about 10 seconds to crack an account using that password.

The most common password that takes the longest to crack is “D1lakiss” which required about three hours for software to root out. The fact it takes hours instead of seconds to identify this password offers a hint about why it’s recommended that you use a combination of numbers with lower-case and upper-case letters in your login information. 

Click here to see the world’s most common passwords and how long they take to crack

Notably absent from this list is any password that includes symbols like hashtags and dashes. Cybersecurity experts will tell you the best passwords use a combination of symbols, letters (upper and lower case) and numbers. They may not be easy to remember, but they’re also not easy to crack.

Sponsored: Find a Qualified Financial Advisor

Finding a qualified financial advisor doesn’t have to be hard. SmartAsset’s free tool matches you with up to 3 fiduciary financial advisors in your area in 5 minutes. Each advisor has been vetted by SmartAsset and is held to a fiduciary standard to act in your best interests. If you’re ready to be matched with local advisors that can help you achieve your financial goals, get started now.