Yup, millions of us are still using ‘12345’ and ‘password’ as a passwords, security survey shows

You’d think by now, people would be taking cyber security a little bit more seriously, but you’d be wrong.  According to VPN company NordPass, more than 2.5 million Americans used “123456” as their digital device password in 2020. 

If you really need a reason why that’s not too bright, NordPass says it takes an average of less than a second to crack that password.

In second place, only slightly more clever people used “123456789” as their password. Not that the extra digits bought any extra time for it to be cracked: it also took less than a second, some 7.8 million times this year.

And as you might think would be the case, a lot of us also chose “password” as their password in 2020 — more than 360,000, in fact. 

Rounding out the top 10 worst passwords list was a newcomer for this year: “senha,” which means “password” in Portuguese. Such trickery took 10 seconds to crack.

As it does every year, NordPass logged the worst 200 passwords used in this country and how long on average it takes a hacker to figure them out. Here are the top 10 for 2020 — do better than these:

1. 12345 — Less than a second
2. 123456789 — Less than a second
3. picture1 — 3 hours
4. password — Less than a second
5. 12345678 — Less than a second
6. 111111 — Less than a second
7. 123123 — Less than a second
8. 12345 — Less than a second
9. 1234567890 — Less than a second
10. senha (that’s Portuguese for “password”) — 10 seconds

Experts at the company advise that you not re-use passwords across programs or applications — like say, your work email and your Facebook account. You should also make your passwords at least 12 characters long, using upper and lower-case letters, numbers, and symbols. Oh, and change your passwords at least every 90 days, they insist. 

If you can’t think of any, you can use a password generator, and utilize companies like NordPass to safely store all those special codes.