Coming up with strong and unique passwords for all of your online accounts can be difficult which is why many users have turned to using a password manager (opens in new tab) to store their passwords.
Unfortunately though, many users are still using insecure passwords for their online accounts and new research from NordPass (opens in new tab) has highlighted the most common passwords of 2020.
At the top of the list is “123456” and while this password can be cracked in less than a minute using a password recovery solution (opens in new tab), 2.5m users are still using it. The second worst password this year adds a few more numbers with “123456789” but it is still just as easy to crack and used by close to a million users. The number three password on NordPass's list of the most common 200 passwords of 2020 (opens in new tab) is “picture1” and despite being a new entry on he list, it takes just three hours to crack. Filling out the rest of the spots in the top 10 worst passwords of the year are “12345678”, “1111111”, “123123”, “12345”, “1234567890” and another new entry “senha”.
- We've put together a list of the best password generators (opens in new tab) around
- These are the best security keys (opens in new tab) on the market
- Also check out our roundup of the best identity management (opens in new tab) software
According to NordPass, the majority of people use simple and easy-to-remember passwords because it's convenient. However, the problem is that most memorable passwords are highly vulnerable to cracking. When it came to the categories used to create passwords, NordPass found that users typically base their passwords around numbers, QWERTY, swear words, devices, passwords, names, entertainment, sports, positive words, random letters and food.
Creating strong passwords
The first step to creating your own strong passwords (opens in new tab) is knowing what to avoid when doing so.
NordPass recommends that users avoid using dictionary words, number combinations, repetitive characters or strings of adjacent keyboard combinations. It's especially important that users refrain from choosing passwords based on personal details that may not be completely confidential such as their name, phone number or birth date as much of this information is publicly available.
To create strong passwords for each of your accounts, they should be up to 12 characters long and include a mix of upper and lower case letters, numbers and symbols. Users should also change their passwords at least every 90 days.
If you're having difficulties creating a strong and unique password for each of your online accounts, you can always use a password generator (opens in new tab) though many of today's best password managers have one already built in.
- We've also highlighted the best business password management software