Passwords

The following lists are the worst passwords from 2018-2020 - with the first providing information regarding how long it may take attackers to crack a "weak or bad" password and how many times it has been exposed. We strongly encourage anyone using any listed or similar passwords to change immediately. The resources under "Creating a better password" can assist in creating more secure options.

Top 10 most common passwords of the year 2020

Image: NordPass

Worst passwords 2018-2020

2018

123456
password
123456789
12345678
12345
111111
1234567
sunshine
qwerty
iloveyou
princess
admin
welcome
666666
abc123
football
123123
monkey
654321
!@#$%^&*
charlie
aa123456
donald
password1
qwerty123

Source: Nordpass and SplashData

2019

123456
123456789
qwerty
password
1234567
12345678
12345
iloveyou
111111
123123
abc123
qwerty123
1q2w3e4r
admin
qwertyuiop
654321
555555
lovely
7777777
welcome
888888
princess
dragon
password1
123qwe

2020

123456
123456789
picture1
password
12345678
111111
123123
12345
1234567890
senha
1234567
qwerty
abc123
Million2
OOOOOO
1234
iloveyou
aaron431
password1
qqww1122
123
omgpop
123321
654321
qwertuiop

Creating a better password

  1. USNH recommendations for creating a strong password
  2. Follow the requirements in USNH Password Policy.
  3. Do not use dictionary words
  4. Length matters - long passphrases are better than short, complex passwords; and may be easier to remember!
  5. Do not create passwords with personal information
  6. Use a password manager to help manage usernames and passwords for multiple applications/sites.
  7. Use online tools to help determine how safe a potential password might be
    1. My1login Password Strength test - shows how long it might take to crack a password
    2. Have I Been Pwned? - compares password against a database of compromised passwords circulating on the dark web