2020’s Most Common Passwords Revealed and How to Build Uncrackable Ones

On November 19, security firm NordPass examined 275.7 million passwords and released the 2020 Top 200 most‑used password list.

The password “123456” topped the list with nearly 2.5 million users; it was the second‑most common the previous year and has been cracked over 23.5 million times.

The top ten passwords are:

123456

123456789

picture1

password

12345678

111111

123123

12345

1234567890

senha

“picture1” and “senha” (Portuguese for “password”) are new entries for 2020. The ten most common passwords can be cracked in ten seconds or less, while “picture1” can be broken within three hours.

These weak passwords—simple numeric or alphabetic strings, keyboard‑adjacent patterns, or personal name abbreviations—lead to frequent security breaches for individuals and organizations.

NordPass recommends the following practices:

1. Avoid dictionary words, simple numeric combos, or adjacent‑key patterns. Examples: “password”, “qwerty”, “123456”.

2. Do not repeat characters or use personal information. Avoid “aaaa”, “123abc”, phone numbers, birth dates, or names.

3. Use a unique, long password (at least 12 characters) for each account, mixing upper‑ and lower‑case letters, numbers, and symbols.

4. Change passwords at least every 90 days and consider using a password generator.

Creative password ideas were also shared, such as poetic strings, tongue‑twisters, and culturally inspired phrases, as well as complex gesture‑based passwords illustrated below:

Full list: https://nordpass.com/most-common-passwords-list/

Readers are invited to share their own password‑creation methods. Reference links are provided for further reading.