We need to start taking our passwords seriously, come on

passwords
(Image credit: Shutterstock / vladwel)

A raft of recent research has once again revealed that many of us are still absolutely terrible when it comes to creating strong password.

This includes a new report from password manager Nordpass, which examined a database that totals over 3TB of compromised passwords and spans users from 30 countries in order to reveal the top 200 passwords, ranking entries by how many instances were found, how easy they were to crack, in addition to popularity by country and, where possible, gender. 

Perhaps unsurprisingly, Nordpass found that “password” remains the top choice, with “12345” taking the second spot worldwide.

NordPass Family: $11.87 $2.79/month at NordPass
Save 60%
was £34.99 now £84.99 at go.nordpass.io

NordPass Family: $11.87 $2.79/month at NordPass
Save 60%
Get a digital life manager with NordPass, a password manager from one of the world's biggest security firms for up to six premium accounts and unlike some competitors, its price remains the same after a year.

The rest of the list is largely comprised of other variants of letters and numbers not-so randomly stuck together, with “quertyuiop” (the top letter row of most English-language keyboards), sitting at rank 36 globally.

Direct comparisons of the Nordpass data show that no one gender is more security conscious than the other, they simply make bad choices differently.

For example, in a comparison of the top ten passwords in the UK, males largely choose the names of football teams (“liverpool”, “arsenal” and “chelsea” are ranked fifth, sixth, and eighth amongst them, respectively), while women picked names (“charlie”, ranked third), places (“london”, seventh), or other outlying nouns (“chocolate” and “monkey”, eighth and ninth).

A separate study by password management company Specops Software, analysing over 800 million compromised passwords, also reveals that the ongoing FIFA World Cup is impacting password choices, with users opting for the names of international teams, past and present players, and other relevant but common terms. 

For example, over 1.3 million instances of "USA" as a password were recorded, while “kane”, for England star Harry Kane, appeared over 133,000 times - and even simply “soccer” appeared over 140,000 times. 

Looking at Specops’ data with Nordpass’ gender divide in mind, it may well be offering an insight into password choices made, chiefly, by male users.

Also covering Nordpass’ report, 9to5Google found that people have even turned to using the name of their phone manufacturer for its password. 

At present, “samsung” is the 78th most popular password in the world, and “googledummy” ranks 145th. spelling trouble for the enormous number of people who swear by the best Android, Samsung and iPhones out there.

Keeping all your data secure

If you can pick your password out of a dictionary, atlas, other reference book, or read it off a keyboard, it’s a bad one, as it’ll only take a matter of seconds, minutes, or hours for a threat actor to crack, giving them unfettered access to sensitive data. 

Passwords should be unique to you, if not completely randomized by a password generator and stored in a reputable manager. 

Consumers should also consider the cutting edge biometric authentication standard Passkeys, currently built into Apple devices, and implemented for other platforms by Google and 1Password. At time of writing, these alternatives are in open beta and set to arrive in 2023, respectively.

While TechRadar Pro readers may be less likely to make common mistakes when securing their business’ tech stack, it raises uncomfortable questions about consumer security habits, and how that might affect the passwords that employees choose for themselves when offered the choice.

Organizations should also consider multi-factor authentication as part of a Zero Trust security strategy, eliminating passwords entirely while still ensuring security.

Luke Hughes
Staff Writer

 Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.

Read more
password manager
I'm a security expert - here are my biggest tips for creating a secure password for work and home life to stay safe online
Cartoon Phishing
Over a billion credentials stolen were stolen in malware attacks in 2024
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Passwordless authentication continues to grow, with biometrics helping push adoption
Young woman working at a coffee shop with a laptop
Too many passwords, not enough brain space? Here’s how password managers can improve your life
Hands typing on a keyboard surrounded by security icons
Best password generator of 2025
Person using finger print authentication
Passwords out, passkeys in: The future of secure authentication
Latest in Security
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
AI tools.
Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware
Data leak
Top California sperm bank suffers embarrassing leak
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
Latest in News
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Google Pixel 9a
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
ExpressVPN mobile app and Aircove
ExpressVPN ‘reduces workforce’ for the second time in two years
The Nanoleaf PC Screen Mirror Lightstrip being used on a desktop computer.
Mac gaming could get an intriguing boost – but not in the way you'd expect
Snapdragon G Series
Qualcomm poised to muscle in on AMD's territory with powerful gaming handheld processors
David running in the desert in House of David.
Prime Video’s hit new historical drama will continue its reign for another season as House of David gets renewed