Top 200 most common passwords

Your online identity and private information need to be kept safe as data breaches and cyberattacks are becoming more and more common these days. So, taking care of your passwords is essential.

Category: News

In other words, ensuring you have a strong and unique password is key. But unfortunately, many people still lapse in making sure their password is both strong and unique.

Compared to the data from 2021, 73% of the 200 most common passwords in 2022 remain the same. Furthermore, 83% of the passwords in this year’s list can be cracked in less than a second.

Despite cybersecurity experts continuously warning about the consequences of irresponsible password management, internet users were found guilty again. The research shows that people still use weak passwords to protect their accounts. Here are the top 200 most common passwords in 2022. Explore the list now.


Globally, the most common password this year is “password.”

Research shows "guest" overtakes "123456" as No. 1 in the US

In 2022, "guest" overtakes "123456” as the most-used password in the U.S., according to NordPass. Last year’s winner, "123456," also seems to be retaining favor, finishing in second place.

NordPass has just revealed the results of its annual most common password research. This year's study looked into password creation trends worldwide and how password usage differs by gender across 30 researched countries. For the first time, NordPass also analyzed how pop culture trends influence password choices.

Top 20 most common passwords

The most used passwords are all extremely similar, fairly predictable, and follow the same patterns. Variations of “123456789” are very popular and dominate this list, taking up seven of the ten rankings. In terms of alphabetical passwords, nearly a quarter of Americans use the phrase “qwerty” as an exact or partial match in their passwords. 

Below are the 20 most common passwords in the U.S. The full study is available here.

  1. guest
  2. 123456
  3. password
  4. 12345
  5. a1b2c3
  6. 123456789
  7. Password1
  8. 1234
  9. abc123
  10. 12345678
  11. qwerty
  12. baseball
  13. football
  14. unknown
  15. soccer
  16. jordan23
  17. iloveyou
  18. monkey
  19. shadow
  20. g_czechout

This year, NordPass presented both a global list as well as segregated data for 30 countries worldwide. Gender-specific information is also available on the website.

Key takeaways

Here are some lessons we can learn from this top 20 passwords list:

  • Numerical sequences are ineffective. Even if your password doesn’t use 1 through 9 in order, choosing numbers in a sequence makes your password incredibly easy for hackers to guess.
  • Alphabetical sequences and dictionary words are just as bad. “Password” and “qwerty,” for example, are very overused and very easy to guess.
  • Add-ons at the end of a common phrase don’t do much to improve the strength of a password. No one will be fooled by a capital letter at the beginning plus an “!” or “1” at the end of a numerical or alphabetical sequence.
  • To create a truly strong password, you’ll need to avoid dictionary words, phrases, and sequences altogether.

Don’t be surprised if your password made this list. But just because your password isn’t in the top 20 doesn’t mean you’re in the clear either. There are many common password patterns and categories that can make your accounts vulnerable. A recent study analyzed thousands of passwords and identified common categories that show up across the board. The top of the most hacked passwords list includes themes such as:

  • Pet names
  • First names
  • Animals
  • Emotions
  • Food

Hackers will be able to guess your password much more easily if:

  • Your password is too short and too simple. This could look like a single word followed by a number or an exclamation point or a single numerical phrase like a birthdate.
  • Your password is reused across multiple accounts. This practice should be avoided because once a hacker accesses one of your accounts, they’ll be able to access all of the accounts that share that password and guess any similar ones.
  • Your password contains personal information. Using birth dates, personal information, or a street address isn’t suitable for a strong password. 

What might happen if I use one of these passwords?

If you have easy-to-guess passwords, you might not think you’re a target, but you’re at a higher risk of a data breach. When your password is stolen on one account, hackers can easily access other accounts, including banking and financial information, which can lead to credit card fraud and identity theft. 

How to generate a strong password?

  1. Use long password combinations
  2. Combine numbers, symbols, lowercase, and uppercase letters
  3. Avoid popular passwords
  4. Use a password manager eg Lastpass or Nordpass

It’s time to strengthen your password game

If you know your passwords are weak, and you’re ready to level up your cybersecurity, you don’t have to do it alone—NordPass’s Password Generator provides an easy way to apply all the rules, tips, and best practices surrounding password generation.