Account passwords play a crucial role in ensuring network security as they help protect your accounts, devices, and funds. However, many people choose login passwords that can be easily guessed by criminals within seconds.
Due to the reliance of criminals on automated tools, these tools first attempt simple words and common password patterns. When millions of people repeatedly use the same simple passwords, attackers can quickly gain access.
Criminals run scripts that try billions of password combinations per second. If your password is common, it can be cracked quickly by bad actors.
A stolen login credential can potentially leak your email, social media accounts, banking information, and more. Once attackers breach one account, they typically try to log in to other accounts using the same password.
Many attacks start this way.
NordPass and NordStellar are two cybersecurity companies specializing in tracking leaked credentials and network threats. They reviewed millions of leaked passwords to identify trends.
They also studied the password habits differences among users of different generations and found that many still rely on simple words, easy-to-enter number combinations, and familiar keyboard layouts. These choices provide attackers with a quick way to invade numerous accounts.
NordPass released the 20 most common passwords in the United States in 2025, with “Admin” topping the list, various variants of “password” occupying five positions, numerical strings appearing nine times, and an inappropriate term also making the list.
Below are the 20 most common passwords in the United States in 2025:
admin/password/123456/12345678/123456789/12345/Password/12345678910/Gmail.12345/Password1/Aa123456/f*******t/1234567890/abc123/Welcome1/Password1!/password1/1234567/111111/123123/
The United States is not alone; globally, “123456” is the most common password, followed closely by “Admin” and “12345678.” These password patterns are popular because they are easy to remember. Unfortunately, they are also easily cracked.
A noteworthy change is that more passwords now include special characters, and the increase is significant. However, most passwords are still not secure enough. Strings like “P@ssw0rd” and “Abcd@1234” still follow predictable rules and can be easily cracked by hacking tools.
Many people assume that young people, having grown up with smartphones and social media, understand network security, but research indicates that this notion is incorrect.
NordPass found that 18-year-olds and 80-year-olds often use the same weak password patterns. Young users prefer long number sequences, while older users tend to use names as passwords. Both groups do not create secure or random password strings.
Generation Z and Generation Y tend to avoid using names, while Generation X and older users frequently use names. Both methods have risks because attackers can anticipate these patterns.
Developing some simple habits can enhance your network security. These steps help prevent common attacks and protect your accounts.
1) Create strong random passwords.
Choose a long password or a short password phrase; passwords should be at least 20 characters long; mix letters, numbers, and special characters; avoid using fixed patterns.
2) Avoid password reuse.
Use different passwords for each account. Even if one account is compromised, the others remain secure.
3) Check and update weak passwords.
Check your old passwords; replace any passwords that are too short, easily predictable, or reused; using new passwords can lower risks.
4) Keep software updated.
Regularly update your phone, computer browser, and applications. These updates can fix security vulnerabilities and prevent criminals from exploiting them. If you fail to update promptly, the risk of weak passwords increases because attackers can leverage old software flaws and simple login methods to breach the system.
5) Use data erasure services.
Leaked passwords often come from old accounts on intermediary websites that you have long forgotten. Data erasure services can thoroughly remove your personal information from these sites, reducing the likelihood of your data being leaked. While these services can be pricey, the less your information circulates online, the less likely your accounts are to be targeted by attackers.
Other advanced methods include using password managers, adopting multi-factor authentication (MFA), and more.
Even with new tools and improved education, weak passwords will remain a significant issue in the future. By making some simple changes, you can enhance your network security. Cultivate good habits, and small changes can bring you stronger network protection, preventing criminals from invading your accounts.
(Adapted from a report by FOX NEWS)