Newsletter and Subscription Sign Up

Top 20 Most Common Passwords of 2020

Published Friday Dec 11, 2020

Top 20 Most Common Passwords of 2020

NordPass released its annual research on the most common passwords of the year. The most popular passwords of 2020 were easy-to-guess number combinations, such as “123456”, the word “password," “qwerty,” “iloveyou,” and other uncomplicated passwords.

The list of passwords was compiled in partnership with a third-party company that specializes in data breach research. They evaluated a database that contained 275,699,516 passwords in total, of which only 122,894,788 or 44% were unique.

Here are the Top 20 passwords you should never use. The full list is available here:

  1. 123456
  2. 123456789
  3. picture1
  4. password
  5. 12345678
  6. 111111
  7. 123123
  8. 12345
  9. 1234567890
  10.  senha (Note: senha means “password” in Portuguese)
  11.  1234567
  12. qwerty
  13. abc123
  14.  Million2
  15.  000000
  16. 1234
  17. iloveyou
  18. aaron431
  19. password1
  20. qqww1122

Despite constant reminders from cybersecurity experts, it is clear most people use simple, obvious passwords. For example, the password that was first on the list in 2020 was second in 2019. And the #2 password from 2020 was third in 2019.

Less than half of the most common passwords for 2020 were new to the list.

Overall, people still use easy-to-remember passwords, including their own names, favorite sports, foods, etc.

What to do if your password is on the “most popular” list

Chad Hammond, a security expert at NordPass, suggests changing your password immediately if you find it on the list. “Most of these passwords can be hacked in less than a second. Also, they have already been exposed in previous data breaches. For example, the most popular password “123456” has been breached 23,597,311 times,” Hammond said. 

Hammond also warns about the threats of not using a unique password. “For example, ... You might lose your Facebook or another important account with all its content. Also, your email address could be used for phishing attacks or for scamming your family and friends, who may very well fall for it, as the email will supposedly be coming from you."

Here are five tips on how to maintain good password hygiene:

  • Go over all the accounts you have and delete the ones you no longer use.
  • Update all your passwords and use unique, complicated ones to safeguard your accounts. Employ a password generator to make sure they are impossible to guess. To see if any of your current passwords have ever been exposed online, you can also check them using an online strength checker.
  • Use 2FA or two-factor authentication, which is a method of establishing access to an online account or computer system that requires the user to provide two different types of information. Whether it’s an app, biometric data, or hardware security key, your accounts will be much safer when you add that extra layer of protection.
  • Set up a password manager. It is a great tool for both generating and storing passwords. Advanced password managers like NordPass also have useful features such as Data Breach Scanner, which helps you find out whether any of your accounts have been compromised.
  • Make sure to check your every account for suspicious activity regularly. If you notice something unusual, change your password immediately.

NordPass is a password manager that allows users to access passwords securely on desktop, mobile, and browsers. All passwords are encrypted on the device, so only the user can access them. For more information, visit

All Stories