Tech Made Simple

Hot Topics: Holiday Gift Ideas | How to Fix Bluetooth Pairing Problems | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

The Worst Passwords of 2024: Are You Guilty of Using One?

by Suzanne Kantra on November 14, 2024

Every year, NordPass’ list of the most common passwords reveals a troubling lack of creativity and security awareness among internet users, and 2024 is no exception. In fact, this year’s list might be the worst yet. The passwords are so predictable they seem to suggest people are either overly reliant on two-factor authentication or simply don’t care about protecting their accounts. This complacency leaves personal information vulnerable to increasingly sophisticated cyberattacks and the growing computation power of today's GPUs to hack passwords by brute force.

Concept drawing of a laptop on a desk with a sticky note that has a password written on it.

NordPass’ annual study, now in its sixth year, analyzed a database of leaked credentials to compile the Top 200 Most Common Passwords. The research spans both global trends and country-specific findings, including the United States. The results, compiled with the assistance of independent cybersecurity researchers, highlight just how quickly these weak passwords can be cracked – 78% of them in under one second.

Read more: New Password Guidelines Issued for Staying Ahead of Hackers

Keyboard patterns dominated the most common password lists. Globally, nearly half are made up of the easiest keyboard combinations, such as sequential numbers and “qwerty” patterns.

The ten worst passwords in the U.S.

Here are the most common passwords Americans used in 2024 – and why they’re so insecure:

  1. secret – A uniquely American favorite that’s deceptively simple to guess.
  2. 123456 – This sequential string remains a perennial offender, showing no signs of disappearing.
  3. password – The classic weak choice that hackers are always ready for.
  4. qwerty123 – A false attempt at complexity using a common keyboard pattern.
  5. qwerty1 – Another keyboard combination that’s easy to type and crack.
  6. 123456789 – Adding more digits doesn’t make it stronger; it’s just as predictable.
  7. password1 – A minor variation on “password” that provides no meaningful protection.
  8. 12345678 – Similar to “123456,” it’s just a few numbers longer and equally vulnerable.
  9. 12345 – Short, simple, and one of the easiest to hack.
  10. abc123 – The quintessential beginner password, popular but entirely insecure.

How to break the bad password habit

This year, we saw a big push from companies to encourage consumers to switch over to passkeys – and for good reason. I highly recommend switching to passkeys wherever possible. Unlike traditional passwords, passkeys are immune to phishing and mitigate many of the risks of hacking and theft. They leverage biometric data or cryptographic keys to authenticate users, making them far more secure.

Read more: Passkeys: Use This Secure and Convenient Alternative to Passwords

For sites and services that don’t yet support passkeys, a password manager is your next best option. A password manager can generate and store unique, random passwords that are nearly impossible to crack. Ideally, your passwords should be at least 16 characters long, combining letters, numbers, and symbols. NordPass is a highly secure and user-friendly password manager that I feel comfortable recommending, along with 1Password. Google Password Manager and Apple Password are excellent free options but lack cross-platform support and more advanced features, like secure notes, payment information, and file storage.

Read more: Apple Passwords vs iCloud Keychain: What’s Changed with iOS 18?

If your passwords resemble anything on the list above, it’s time to take action. Change your “bad” passwords, adopt passkeys, and use a password manager. The small effort it takes to upgrade your password habits now will pay off in the long run.

[Image credit: laptop with password sticky note concept generated by DALL-E]

Suzanne Kantra founded Techlicious 15+ years ago and has been covering consumer technology for more than 20 years. She was the Technology Editor for Martha Stewart Living Omnimedia, where she hosted the radio show “Living with Technology," and served as Senior Technology Editor for Popular Science Magazine. She has been featured on CNN, CBS, and NBC.


Topics

News, Computers and Software, Computer Safety & Support, Blog, Privacy


Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.