Skip to content

These Common Passwords Can Be Cracked in Less Than 1 Minute, New Data Shows

Avoid using these codes if you want to keep your digital domain safe from hackers and thieves.

As more of our lives move online, we all understand that picking a strong password is essential. The idea of potentially handing over easy access to something as important as your email inbox or bank account is usually enough to inspire people to put effort into what they pick as their digital entry codes. At the same time, becoming frustrated with memorizing dozens of them—not to mention the constant requests to update them—can lead some to take the easy way out when safeguarding their accounts. But if you're too careless, beware: New data shows that some common passwords can be cracked in one minute or less.

RELATED: FBI Issues New Warning About the Latest Scams Designed to "Steal Your Money."

In its most recent annual list, the team behind password management tool NordPass updated the 200 most commonly used passwords for 2023. The company analyzed 4.3 terabytes of anonymous data from publicly available sources—including the dark web—from across 35 countries and eight different types of platform categories such as social media, streaming services, online gaming, and financial accounts. They then ranked the findings based on how often each was used.

Unfortunately, it appears that many users may not be putting enough effort into safeguarding their accounts. Results showed that 17 of the 20 most common passwords could be cracked in less than a second. Most of the top 10 involved a variation of counting to 10, including the top-ranked "123456," which was used by more than 4.5 million people. Others include "admin" in the second highest slot with just over 4 million uses and the ever-popular "password" coming in seventh with 710,321 uses.

Even getting slightly more creative doesn't appear to pay off. The password "minecraft" ranked 100th overall but could still be cracked in less than a second. And the seemingly random "jimjim30" could be guessed in just 41 seconds, coming in at the 114th spot on the list with 26,940 users.

RELATED: If a Caller Asks You Any of These Questions, Hang Up Right Away, Officials Warn.

Fortunately, NordPass concludes its report by saying that passwords are becoming harder to breach—even though malware and phishing attacks continue to steal logins. The company still suggests using a complex password that's "at least 20 characters long and include a mix of uppercase and lowercase letters, numbers, and special symbols" while avoiding easily guessed information like birthdays, names, or common words. You should also regularly check your passwords' strength to ensure they haven't become weak or outdated.

The company also suggests using different passwords across your accounts to help isolate any information leaks or digital break-ins from becoming too widespread. And if it's too challenging to remember which passcode goes with what account, a password manager tool can be an easy way to stay on top of them and come up with complex phrases.

RELATED: For more up-to-date information, sign up for our daily newsletter.

Zachary Mack
Zach is a freelance writer specializing in beer, wine, food, spirits, and travel. He is based in Manhattan. Read more
Filed Under