Standard Office Systems Blog

Worst Passwords of 2020 + 3 Password Creation Tips

Written by Andre Schafer | 1/15/21 5:00 PM

CYBER SECURITY | 6.5 MIN READ

While you may think that your passwords are relatively secure, one of you or your employees' passwords may have unknowingly made NordPass' 2020 Worst Passwords List. Weak passwords can lead to financial fraud, data breaches, phishing attacks, and more, which is why password security should be a top priority for companies looking to keep data secure. Keep reading to learn the top 200 worst passwords of 2020 and tips on how you can create a strong password.

Not enough time? Jump to:

Worst Passwords of 2020 List

Password Trends

Tips to Create a Secure Password

Worst Passwords of 2020 List

The following list, which was sourced from NordPass, a popular password manager, comprises the top 200 Worst Passwords of 2020 List. This was sourced from a database containing over 275 million passwords.

List Position Password Amount of Time to Crack It
1. 123456 Less than a second
2. 123456789 Less than a second
3. picture1 3 hours
4. password Less than a second
5. 12345678 Less than a second
6.  111111 Less than a second
7.  123123 Less than a second
8. 12345 Less than a second
9.  1234567890 Less than a second
10.  senha 10 seconds
11. 1234567 Less than a second
12. qwerty Less than a second
13. abc123 Less than a second
14. Million2 3 hours
15. 000000 Less than a second
16. 1234 Less than a second
17. iloveyou Less than a second
18. aaron431 3 hours
19. password1 Less than a second
20. qqww1122 52 minutes
21. 123 Less than a second
22. omgpop 2 minutes
23. 123321 Less than a second
24. 654321 Less than a second
25. qwertyuiop Less than a second
26. qwer123456 4 seconds
27. 123456a Less than a second
28. a123456 Less than a second
29. 666666 Less than a second
30. asdfghjkl Less than a second
31. ashley 2 minutes
32. 987654321 Less than a second
33. unknown 17 minutes
34. zxcvbnm Less than a second
35. 112233 Less than a second
36. chatbooks 1 day
37. 20100728 Less than a second
38. 123123123 Less than a second
39. princess Less than a second
40. jacket025 8 hours
41. evite 10 seconds
42. 123abc Less than a second
43. 123qwe Less than a second
44. sunshine Less than a second
45. 121212 Less than a second
46. dragon Less than a second
47. 1q2w3e4r Less than a second
48. 5201314 26 seconds
49. 159753 Less than a second
50. 0123456789 Less than a second
51. pokemon Less than a second
52. qwerty123 Less than a second
53. Bangbang123 2 days
54. jobandtalent 3 years
55. monkey Less than a second
56. 1qaz2wsx Less than a second
57. abcd1234 Less than a second
58. default 3 minutes
59. aaaaaa Less than a second
60. soccer Less than a second
61. 123654 Less than a second
62. ohmnamah23 12 days
63. 12345678910 Less than a second
64. zing 1 second
65. shadow Less than a second
66. 102030 Less than a second
67. 11111111 Less than a second
68. asdfgh Less than a second
69. 147258369 Less than a second
70. qazwsx Less than a second
71. qwe123 Less than a second
72. michael 8 seconds
73. football Less than a second
74. baseball Less than a second
75. 1q2w3e4r5t Less than a second
76. party 10 seconds
77. daniel 5 seconds
78. asdasd Less than a second
79. 222222 Less than a second
80. myspace1 3 hours
81. asd123 Less than a second
82. 555555 Less than a second
83. a123456789 Less than a second
84. 888888 Less than a second
85. 7777777 Less than a second
86. fuckyou Less than a second
87. 1234qwer Less than a second
88. superman Less than a second
89. 147258 Less than a second
90. 999999 Less than a second
91. 159357 Less than a second
92. love123 Less than a second
93. tigger Less than a second
94. purple Less than a second
95. samantha Less than a second
96. charlie Less than a second
97. babygirl Less than a second
98. 88888888 Less than a second
99. jordan23 Less than a second
100. 789456123 Less than a second
101. jordan Less than a second
102. anhyeuem Less than a second
103. killer Less than a second
104. basketball 10 seconds
105. michelle 3 hours
106. 1q2w3e Less than a second
107. lol123 Less than a second
108. qwerty1 Less than a second
109. 789456 Less than a second
110. 6655321 9 seconds
111. nicole 2 minutes
112. naruto Less than a second
113. master Less than a second
114. chocolate 3 seconds
115. maggie Less than a second
116. computer Less than a second
117. hannah Less than a second
118. jessica 7 seconds
119. 123456789a Less than a second
120. password123 Less than a second
121. hunter Less than a second
122. 686584 43 seconds
123. iloveyou1 1 second
124. 987654321 Less than a second
125. justin 2 minutes
126. cookie Less than a second
127. hello Less than a second
128. blink182 Less than a second
129. andrew 2 minutes
130. 25251325 7 minutes
131. love Less than a second
132. 987654 Less than a second
133. bailey 2 minutes
134. princess1 1 second
135. 0123456 Less than a second
136. 101010 Less than a second
137. 12341234 Less than a second
138. a801016 33 seconds
139. 1111 Less than a second
140. 1111111 Less than a second
141. anthony 17 minutes
142. yugioh 2 minutes
143. fuckyou1 Less than a second
144. amanda 2 minutes
145. asdf1234 Less than a second
146. trustno1 Less than a second
147. butterfly Less than a second
148. x4ivygA51F 12 days
149. iloveu Less than a second
150. batman Less than a second
151. starwars Less than a second
152. summer Less than a second
153. michael1 Less than a second
154. 00000000 Less than a second
155. lovely Less than a second
156. jakcgt333 3 hours
157. buster Less than a second
158. jennifer 2 hours
159. babygirl1 2 seconds
160. family 2 minutes
161. 456789 Less than a second
162. azerty Less than a second
163. andrea 2 minutes
164. q1w2e3r4 Less than a second
165. qwer1234 Less than a second
166. hello123 Less than a second
167. 10203 Less than a second
168. matthew 17 minutes
169. pepper Less than a second
170. 12345a Less than a second
171. letmein Less than a second
172. joshua 2 minutes
173. 131313 Less than a second
174. 123456b 1 second
175. madison Less than a second
176. Sample123 3 hours
177. 777777 Less than a second
178. football1 Less than a second
179. jesus1 Less than a second
180. taylor 17 seconds
181. b123456 1 second
182. whatever Less than a second
183. welcome Less than a second
184. ginger Less than a second
185. flower Less than a second
186. 333333 Less than a second
187. 1111111111 Less than a second
188. robert Less than a second
189. samsung Less than a second
190. a12345 Less than a second
191. loveme Less than a second
192. gabriel 5 seconds
193. alexander 2 seconds
194. cheese Less than a second
195. passw0rd Less than a second
196. 142536 Less than a second
197. peanut Less than a second
198. 11223344 Less than a second
199. thomas 8 seconds
200. angel1 Less than a second

Password Trends

Below are some password trends sourced using data from the above list. Use these trends to learn how not to build your passwords.

Variations Using Keyboard Layouts

Hackers know common passwords and take advantage of that to crack account credentials. Many people create easy passwords by simply stringing together characters in the order they appear on their keyboard

For instance, as you can see in the list above, variations of passwords such as "12345" and "qwerty" made the list numerous times. While passwords like this may be easy to create, they're just as easy to crack. 

Short

Short passwords can be cracked more quickly. As you'll see in the above list, many of the passwords could be cracked by a computer in less than a second because they were 8 characters or less.

Using long passwords or even passphrases makes it harder for a hacker or bot to crack them, seeing as it will take much longer. 

No Uppercase Letters

Many passwords that made this list use only lowercase letters. In general, a lack of variety in your password, whether it's characters or capitalization, will decrease the time it takes a hacker to figure it out. Using a variety of lowercase and uppercase letters makes your password much harder to crack.

Little to No Special Characters 

Many passwords are considered weak because they only use letters and numbers. Special characters such as @ and !, can be used to make passwords much more complex.

Consider working special characters into your passwords to make them more elaborate. 

No Character Substitution

Many people construct their passwords using real words to make them easier to remember.

While this practice is a great first step towards creating secure passwords, people must keep in mind that character substitution can be used to make passwords much more complex and harder to crack, especially if those substitutions are random and not common.

Common character substitutions include changing out the letter a for @, or e for 3. While these substitutions are still memorable since the characters look similar to the original letter, they are commonly used and therefore hackers know to try those substitutions when cracking passwords.

Consider using nonsensical substitutions, such as using the number 9 in place of the letter v, or an exclamation point instead of the letter o.

Tips to Create a Secure Password

Don't Repeat Passwords

Repeating passwords across accounts creates opportunities for hackers to access every account that uses that password. Hackers know that a common mistake is to repeat passwords, which is why once they gain access to one account, they may try to hack others using the same credentials.

For instance, if you use the same password for your work email and your company's HR platform, a hacker that figures out the password to your email can also access your HR platform.

Even if you change a password slightly with character substitutions or a variation of capitalization, a hacker can quickly figure out a variation of a password.

Aim to have a different password for every account you have. Even if you use a variation of the repeated password for a non-important account like your Twitter profile, if a hacker breaks into accounts you don't care about, they are just a few steps away from breaking into accounts that you do value.

Use a Passphrase

Creating passphrases instead of passwords can better secure your accounts. Passphrases involve stringing together a few words, preferably with character substitutions, to create a lengthy and complex password that's hard to crack.

For instance, "blue chick!n Hawai8 sev0n" could be a passphrase. Note how character substitutions were used to make the passphrase more complex. Keep in mind, however, that hackers know all of the most common character substitutions, such as using 3 for e and @ for a, so consider using randomized character substitutions like the ones above.

Don't Use Easy-to-Find Personal Information

Basic personal information such as your birthday and your alma mater are easy to remember, which is why many people include this kind of information in their passwords.

However, in the age of social media, this information can easily be found online. If a hacker browses your Facebook profile, for instance, they can use your pictures, posts, and "About Me" information to find out the common information used in passwords.

Though you may be tempted to include common personal information in your passwords, refrain from doing so whenever possible. If you really prefer to use personal information to make a memorable password, consider using extremely specific information that's not readily available online.

For instance, if your dream job when you were a kid was an astronaut, you can incorporate that into your password. Or, if you had a favorite dining hall in college, maybe include some variation of that in a password. When building a password, aim to use as much hard-to-find information as possible.

RELATED: How to Create and Secure a Strong Password?

 

As a Managed Service Provider, we assist companies in implementing employee cyber security education policies such as password protocols to mitigate data breach risks.

Use the Worst Passwords of 2020 List as a guide on what not to do, and our password tips as a guide on what to do instead.

Follow our blog for more trending cyber security topics!