Skip to Content
© Designer491 | Dreamstime.com
Security & privacy

Top 20 worst passwords: Is yours on the list?

Has it been a while since you changed your password? If you’re using an old password or are reusing passwords across multiple sites, you’re basically asking for trouble.

Password security is critical if you value your privacy. Weak, reused or clearly bad passwords open you to being targeted for identity theft and other cybercrimes by hackers and other bad guys. Want more info? Tap or click here for 10 internet crimes you need to know about.

The thing is, you may not even realize you’re putting yourself at risk via your passwords. There were tons of bad passwords that people used during 2020, and it looks like cybercriminals have them figured out. Here are some passwords you need to stop using right away.

Common passwords topping the list

The new Groundhog Day List of the 20 Most Common Passwords of 2020 is out, and it’s a doozy. This annual list gives us information on the most common passwords found on the Dark Web each year.

The passwords on this list come right from the hands of cybercriminals, who steal passwords and then sell or publish them for free on the Dark Web. This makes it even easier for other criminals to access accounts and steal your information.

Year after year, we see the same types of passwords, like “123456” and “password,” at the top of the list. These types of weak passwords are just as bad as using recycled, reused or iterated passwords.

According to the list, most people will choose passwords that can be divided into 24 common combinations. Even worse? A whopping 49% of users will only change one letter or digit in their preferred passwords when they’re required to change their passwords up.

Related: How the FBI is alerting people to new cybercrimes

These password issues can end up being a major headache and a drain on the wallet. Weak passwords easily open you up to expensive cybersecurity disasters that were entirely preventable in the first place.

Without further ado, here are the top three most common passwords found on the Dark Web in 2020:

  • 123456
  • password
  • 12345678

Most common passwords by category

Security Boulevard, the group behind this list, also looks at common categories used for the passwords found on the Dark Web. In 2020, the main categories used to generate bad passwords included: names, sports, food, places, animals and famous people/characters.

Most of the bad passwords found on the Dark Web originate from these groups. In fact, about 59% of Americans use a person’s name or family birthday in their passwords. Another 33% include a pet’s name and, shockingly, a whopping 22% use their own name to create passwords. 

Even more troubling? The average user reuses that bad password about 14 times.

Here are the most common passwords found on the Dark Web by category:

  • Names: maggie
  • Sports: baseball
  • Food: cookie
  • Places: Newyork
  • Animals: lemonfish
  • Famous People/Characters: Tigger

What is a lemonfish? Seriously? Whatever it is, it tops the animals used in password creation.

Related: How to protect yourself from Dark Web data abuse

If you’re curious about the rest of the worst common passwords, here is the complete list:

  1. 123456
  2. password
  3. 12345678
  4. 12341234
  5. 1asdasdasdasd
  6. Qwerty123
  7. Password1
  8. 123456789
  9. Qwerty1
  10. :12345678secret
  11. Abc123
  12. 111111
  13. stratfor
  14. lemonfish
  15. sunshine
  16. 123123123
  17. 1234567890
  18. Password123
  19. 123123
  20. 1234567

Tips for good password security

Don’t use any of these passwords or make similar password mistakes. Use good password security instead.

To make sure your password is secure, you should:

  • Use unique passwords. Don’t reuse passwords across multiple accounts. Doing this puts all your accounts at high risk of being compromised if one is hacked.
  • Create complicated and sophisticated passwords. This sounds simple, but it works. If your password is made up of more than eight characters and you mix up letters, numbers and symbols, most hackers will just move on to targeting easier accounts.
  • Use a password manager. If you’re worried about forgetting passwords, use a password manager. They will keep your accounts secure while helping you easily log in to each account. We recommend our sponsor, RoboForm. Save 50% on RoboForm Everywhere and manage your passwords with ease and security.
  • Opt for a password generator. If you’re struggling to come up with a strong password, you might want to use a password generator to create yours. Random Password Generator is a good option. Just input the type and number of characters that you need and it quickly creates a complicated password for you and then automatically saves it in its password manager. 

Keep reading

Can you trust Apple’s new app privacy labels? One report says no

Scammers are impersonating FBI agents. Don’t let your family fall for it

Komando Community background

Join the Komando Community!

Get even more digital know-how and entertainment within the Komando Community! Watch or listen to The Kim Komando Show on your schedule, read Kim's eBooks for free, and get answers in the Tech Forum.

Join Now