Most Common Passwords Used
When cybersecurity researchers analyze data breaches, they discover something both fascinating and terrifying: millions of people protect their digital lives with passwords that a child could guess in seconds. These weak passwords act like leaving your front door wide open with a neon sign pointing inside.
Recent analysis of over 2 billion real account passwords leaked on data breach forums in 2025 reveals that the same predictable patterns keep appearing, making hackers’ jobs ridiculously easy. Understanding which passwords show up most frequently can help you avoid making the same mistakes.
Here is a list of the most common passwords that people continue to use despite the obvious security risks.
12345678
When some people think they’re being clever by adding two more digits to the classic ‘123456’, they end up with this gem. This password appeared 3.6 million times in the same dataset.
The extra length might fool a system’s character requirement, but it won’t fool anyone actually trying to break in.
123456789
Going all the way to nine feels like real effort, right? Wrong.
This extended number sequence remains one of the top passwords because our brains love patterns. Number sequences are about as easy as it gets concerning password cracking, and attackers know to try these first.
password
The word ‘password’ has earned the dubious honor of being the world’s worst password at least once during a six-year tracking study. Using the literal word for what you’re creating is like hiding your house key under a doormat labeled ‘key here’.
This default password appeared in 56 million compromised accounts, showing just how widespread this lazy habit remains.
admin
System administrators and regular users alike love this one. The password ‘admin’ appeared in 53 million accounts across various breaches.
It’s particularly common for default accounts that never get changed, which is basically an engraved invitation for hackers.
12345
Why type six digits when five will do? This shortened version appeals to the same crowd that uses ‘123456’, just with even less effort.
The password ‘1234’ ranked as the fifth most common in 2025, proving that shorter isn’t better when it comes to security.
qwerty
Look down at your keyboard’s top row of letters and you’ll understand why this password exists. It’s marginally more creative than pure numbers, but not by much.
About 1.6% of the top 1,000 most-common passwords contained the string ‘qwerty’, often combined with numbers for that false sense of security.
1234
Four characters might meet a bare minimum password requirement, but it’s like installing a screen door on a submarine. Modern password cracking programs make short work of weak passwords, and this four-digit disaster takes literally less than a second to crack.
123
Three characters are basically begging to get hacked. This password ranked as the ninth-most common despite containing just three numbers.
Some websites still allow passwords this short, though they really shouldn’t.
1234567890
Some people apparently think that including zero at the end of the number sequence adds extra security. It doesn’t.
About 38.6% of passwords in the top 1,000 contained the string ‘123’, and this one’s just a longer version of the same problem.
111111
When creativity reaches rock bottom, you get six identical digits. This single-character repetition was the 18th most used password.
It’s memorable, sure, but so is your own name—and that would still be a terrible password choice.
welcome
The word ‘welcome’ appeared in 1% of the top 1,000 most-common passwords. There’s an irony to using a greeting as a password, essentially welcoming hackers into your accounts.
This common word offers no real protection since it’s found in every dictionary attack list.
password1
Adding a single digit to ‘password’ is like putting a band-aid on a broken bone. People think they’re meeting complexity requirements, but they’re just making a terrible password slightly more terrible.
Hackers know to check these obvious variations first.
abc123
This password combines the beginning of the alphabet with the beginning of numbers, creating a classic that’s been terrible for decades. About 3.1% of common passwords contained the string ‘abc’.
It’s a childhood classic that should stay in childhood.
minecraft
The word ‘minecraft’ appeared nearly 70,000 times in leaked passwords, plus another 20,000 times with alternative casing. Popular culture references might feel personal, but they’re predictable.
Hackers maintain lists of trending games, movies, and shows specifically because people use them constantly.
Why These Passwords Persist
The pattern across all these passwords reveals an uncomfortable truth about human nature. About 46% of people are more likely to choose an easy-to-remember password than a secure one, prioritizing convenience over protection.
The average person manages over 100 online accounts, making the temptation to reuse simple passwords almost irresistible. Password managers help generate and remember secure, unique passwords for each login, solving the memory problem while actually improving security.
The passwords on this list represent decades of bad habits that continue despite countless warnings, proving that knowing better doesn’t always mean doing better.
More from Go2Tutors!
- The Romanov Crown Jewels and Their Tragic Fate
- 13 Historical Mysteries That Science Still Can’t Solve
- Famous Hoaxes That Fooled the World for Years
- 15 Child Stars with Tragic Adult Lives
- 16 Famous Jewelry Pieces in History
Like Go2Tutors’s content? Follow us on MSN.
