NordPass Reveals the Worst Passwords of 2020

Millions of user passwords are made publicly available due to leaks every year. The specialists of the NordPass company, which develops a password manager of the same name, studied the data of almost 300 million users and compiled a list of the worst and too simple passwords of 2020.


Position Password Number of users Time to crack it
1. 123456 2,543,285 Less than a second
2. 123456789 961,435 Less than a second
3. picture1 (new) 371,612 3 Hours
4. password 360,467 Less than a second
5. 12345678 322,187 Less than a second
6. 111111 230,507 Less than a second
7. 123123 189,327 Less than a second
8. 12345 188,268 Less than a second
9. 1234567890 171,724 Less than a second
10. senha (new) 167,728 10 Seconds
11. 1234567 165,909 Less than a second
12. qwerty 156,765 Less than a second
13. abc123 151,804 Less than a second
14. Million2 (new) 143,664 3 Hours
15. 000000 122,982 Less than a second
16. 1234 112,297 Less than a second
17. iloveyou 106,327 Less than a second
18. aaron431 (new) 90,256 3 Hours
19. password1 87,556 Less than a second
20. qqww1122 (new) 85,476 52 Minutes
21. 123 84,438 Less than a second
22. omgpop (new) 77,492 2 Minutes
23. 123321 73,506 Less than a second
24. 654321 69,148 Less than a second
25. qwertyuiop 64,632 Less than a second

Contrary to many tech companies' efforts, including Google, which has recently warned about weak passwords right in the Chrome browser, users continue to use the most common combinations, becoming easy prey for hackers.

123456 is still the most popular password. This notorious combination was considered reliable by 2,5 million users. Throughout the year, NordPass recorded over 23,5 million cases of hacking this password. Interestingly, last year, the leader was an even simpler combination 12345, which took the eighth position in the recent rating. About 188,000 users still use it. Both of these combinations can be hacked in less than a second.

The second place in this rating is taken by the combination 123456789. Picture1 burst into the top 3 this year, and this is the most challenging password in the top 10. It takes three hours to hack it.

NordPass notes that 78% of passwords in the 2020 ranking are new combinations. The complete list of the 50 worst passwords of 2020 according to NordPass can be found here.

Here, you can check out the list of the worst passwords of last year and compare it with this year’s list.