The 'worst' passwords of 2022 unveiled — see if yours is one of them

The 'worst' passwords of 2020 unveiled — see if yours is 1 of them

Passwords written on colored Post-It notes and stuck to a laptop screen.

(Epitome credit: designer491/Shutterstock)

Information technology's getting almost the end of 2020, which means it'south fourth dimension for information-security companies to release their "worst passwords of the year" lists. The first contender comes from NordPass, the countersign-management arm of NordVPN, and some familiar entries acme that list.

The most common countersign of 2020, declares NordPass, is the succinct "123456," with some ii.v million instances in NordPass's sample data set up. The second, trailing far backside with a mere 961,000 instances, is the somewhat more complicated "123456789." The venerable "12345", of "Spaceballs" fame, doesn't even appear until No. viii.

The best countersign managers to keep your accounts safe
Why you lot should never reuse a password
Plus: Jupyter Trojan steals passwords from Chrome and Firefox — what to practise

Needless to say, those passwords won't protect your accounts. For existent password security, you have to make sure all your valuable passwords (those protecting social-media, banking, email or shopping accounts) are long and complex, to never reuse passwords for sensitive accounts, and to use one of the best countersign managers.

Nosotros're non sure how seriously to take NordPass' password findings because the firm wasn't terribly transparent about its methodology. The NordPass press release said only that the list "was compiled in partnership with a third-political party provider, which evaluated a database that independent 275,699,516 passwords in full."

We've asked NordPass who that third-political party provider might be, where the database came from and how sometime the data set is, and volition update this story when we receive a reply. The fact that "myspace1" is No. eighty indicates that some samples might be rather old, and there seems to be some overlap with a "dump" earlier this year of 33.vii one thousand thousand passwords stolen from LiveJournal in 2014.

Anyway, there are 200 "worst" passwords ranked by number of appearances in the information set, and you can view the list of terrible passwords on NordPass'southward website. Near all the recognizable words are in English, which makes us wonder how universal the list actually is. Many others are numerical strings or the result of typing adjacent keys on a QWERTY keyboard.

The top-ranking non-English discussion is No. x, "senha," which one of our co-workers pointed out is Portuguese for "password." The English word "password" is No. iv.

The most inexplicable entries are "aaron431" at No. 18, "ohmnamah23" at No. 62 (perchance a Hindu invocation) and "a801016" at No. 138. (Urban Dictionary tells usa that "anhyeuem," at No. 102, is i form of "I dearest you" in Vietnamese.)

At least those would be a little harder to guess, or "cleft" using computer algorithms, than the rest of the "worst" 200 entries. If y'all know what whatsoever of them might signify, drop usa a line in the comments.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-booty driver, code monkey and video editor. He'southward been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom'due south Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random Telly news spots and even chastened a console give-and-take at the CEDIA home-technology conference. Y'all tin follow his rants on Twitter at @snd_wagenseil.