2025’s commonest passwords have been as predictable as ever

As soon as once more, information reveals an uncomfortable reality: the behavior of selecting eminently hackable passwords is alive and nicely

20 Jan 2026
 • 
,
3 min. learn

‘123456’ continues to reign supreme as probably the most commonly-used password amongst folks internationally, based on two studies, from NordPass and Comparitech, respectively. A full 25 % of the highest 1,000 most-used passwords are made up of nothing however numerals.

As well as, ‘123456’ appealed to folks of varied age cohorts, because it was the most-favored choice amongst millennials, Era X and child boomers alike, and the second most-popular choice amongst Era Z and the Silent Era (after ‘12345’). That is based on NordPass’ evaluation, which is predicated on billions of leaked passwords and sheds gentle on password traits amongst folks in 44 nations.  

One other all-too-predictable selection, ‘admin’, trailed shut behind, with ‘12345678’, ‘123456789’ and ‘12345’ coming subsequent, as many individuals clearly proceed to favor comfort, placing their private information, cash and probably reputations in danger.

Within the US and the UK, the general image was simply as grim, with ‘admin’ taking the highest spot in each nations. Within the US, the one and solely ‘password’ and ‘123456’ took the second and third spots, respectively; within the UK, the 2 simply swapped locations.

A lot the identical image is painted by Comparitech’s analysis into two billion actual account passwords leaked on information breach boards in 2025, because it had ‘123456’, ‘12345678’ and ‘123456789’ atop its listing.

Usual, usual

Utilizing an easily-guessable password is tantamount to locking the entrance door of your home with a paper latch. It gives no precise resistance, and attackers can use brute-force or credential stuffing methods that permit them to make fast work of such weak or reused passwords at scale.

It goes with out saying, subsequently, that in case your password made it amongst these commonest password decisions, you’ll be very nicely suggested to vary it instantly. Use a powerful and distinctive password or passphrase for every account and ideally, retailer them in a good password supervisor.

Regardless of how cussed, nevertheless, a password remains to be solely a single barrier between your account and a hacker. That’s why two-factor authentication (2FA) as an additional layer of safety is a non-negotiable line of protection lately, significantly for accounts that include Personally Identifiable Info (PII) or different essential information.

The dangers rise sharply in company environments. Weak, apparent, or reused passwords can expose not solely particular person workers, however complete organizations, their clients, and their companions. Certainly, in lots of circumstances, the preliminary level of entry is neither subtle nor novel; as an alternative, it’s merely a password that ought to by no means have been trusted within the first place. The implications, in the meantime, are hardly ever trivial and span monetary loss, operational disruption, regulatory scrutiny, and long-term reputational harm. Which is why firms want a mix of technical safeguards and ongoing safety consciousness coaching applications for workers.

In the meantime, the technical obstacles for ne’er-do-wells have by no means been decrease. Fashionable instruments can take a look at numerous mixtures of login credentials in minutes, so the percentages are firmly stacked within the attacker’s favor. Plus, within the digital ecosystem constructed on interconnected providers and shared identities, the harm stemming from one account takeover is unlikely to remain contained for lengthy.

Additionally, passkeys are quickly turning into commonplace, and lots of main platforms, together with Apple, Google, and Amazon, now supply them as a main login technique.

You might need had many New 12 months’s resolutions heading into 2026. But when your individual passwords seem on both listing above, enhancing your account safety must be one of the vital essential of them.