Did you know that 83% of online users have a weak password?
Some use their names, birth dates, and other easily deducible passwords, which makes hacking a breeze for cybercriminals.
If you recognize yourself (because who didn’t have their birthdate as a password?), this article is for you.
In this post, we’ll:
- Explain the difference between a strong and weak password;
- Provide a list of the most common passwords of 2023;
- Talk about the importance of password security by highlighting the consequences of password breaches;
- Provide tips to create a strong password and improve security.
So, without further ado, let’s begin.
What is a Strong Password and a Weak Password?
A password is a combination of alphanumeric characters (letters and numbers) and special characters such as hyphens, asterisks, and dollar signs.
Password strength is simply a measure of how hard your password is for hackers and programs to guess.
Strong passwords contain a combination of the following:
- Uppercase and lowercase letters;
- Numbers;
- Symbols.
These passwords typically don’t contain any word that can be found in the dictionary or the name of a person, place, animal, thing, business, etc.
The strongest passwords are 8-14 characters long. Examples include:
- 13$%As0039St1oE99;
- yt2R110874**?1gfGF2;
- 14899841#$%^ADgJ, etc.
As you can see, these passwords contain random characters and are quite difficult to remember.
Weak passwords are the opposite. They’re generally categorized as:
- Short;
- Generic (Common);
- Default;
- Easy to remember.
Examples include:
- First names;
- Animals;
- Names with numerical sequences, e.g., Sam12345;
- Address and birth dates, etc.
What Are the Most Common Passwords in 2023?
Below, we’ve listed the 20 most common account and device passwords users use. If you find yours on this list, you should change it right away:
- Password, Pa$$word, Pa$sw0rd, and other variations;
- 123456789;
- 123456;
- abc123;
- iloveyou;
- sunshine;
- princess;
- 123321;
- 000000;
- Qwerty or Qwerty123;
- letmein;
- asdfghjkl;
- dragon;
- monkey;
- hello;
- Manchesterutd, barcelonafc, halamadrid, forzamilan, and other football-related passwords;
- dennis;
- ficken;
- lol123;
- arschloch.
Even if you don’t find your password on this list, it doesn’t mean you’re safe.
Hackers don’t usually just come across accounts and test different common passwords to get access.
They employ several tactics, such as spyware and phishing emails, to steal your information. They will learn your name, contact, habits, and other details they could use to deduce your passwords.
So, if you use the same password across multiple accounts, they can access those accounts as well.
What Happens if Your Passwords Are Compromised?
According to Windows Report, nearly 8 million passwords are hacked every day.
Your accounts and devices could easily be next.
Most casual users don’t take this threat too seriously. Here are just some of the potential consequences of a password breach:
Financial Loss
If a hacker gets access to your banking app’s password via phishing or other means, they can make unauthorized transactions using your credentials and steal your money.
Identity Theft
Hackers and fraudsters who can access your social media and smartphone passwords can steal your identity for different malicious activities.
For example, by pretending to be you, they can carry out social engineering attacks via messages and calls, disturbing your contacts.
Reputational Damage
Business data breaches caused by cracked passwords can result in severe reputational damage and even invite legal action from clients and customers. News of breaches travels fast in the business world and can easily make you and your business the center of attention for all the wrong reasons.
Compromise and Malfunction
A password breach can lead to unauthorized disclosure, manipulation, and use of your account, data, and device. Hackers can infiltrate your device’s OS and cause it to malfunction.
How Do I Make My Password Strong?
Below are some effective practices for creating strong passwords for your accounts and devices:
- Use the maximum password length allowed by apps and devices. Some digital solutions even allow passwords of up to 16 characters, which is good. The longer your password is, the more secure it is;
- Use a strong, unique password for every account and device. In other words, avoid sharing one password between accounts or using variations of the same password;
- Try to avoid consecutive numbers or letters in the password you create. The less sense your password makes, the more difficult it is to crack;
- Keep your passwords confidential. In other words, you shouldn’t share your account or device passwords with anyone unless you have to. For example, parents have their children’s passwords to monitor their digital activities. Similarly, employees often share work accounts and access them from different networks.
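The weak-password traits, the common-password list, and the advice about consecutive characters above can be combined into one automated check. The Python sketch below is an added example, not part of the original article; the 8-character minimum is the article's lower bound, while the substitution table and the 4-character run length are assumptions.

```python
import re

# Lowercased entries from the article's list of common passwords.
COMMON = {
    "password", "123456789", "123456", "abc123", "iloveyou", "sunshine",
    "princess", "123321", "000000", "qwerty", "qwerty123", "letmein",
    "asdfghjkl", "dragon", "monkey", "hello", "manchesterutd", "barcelonafc",
    "halamadrid", "forzamilan", "dennis", "ficken", "lol123", "arschloch",
}
# Assumed substitution table for undoing "Pa$sw0rd"-style variations.
LEET = str.maketrans({"$": "s", "0": "o", "@": "a", "1": "l", "3": "e", "!": "i"})
# Alphabet, digit and keyboard-row runs used to spot consecutive characters.
RUNS = ("abcdefghijklmnopqrstuvwxyz", "0123456789",
        "qwertyuiop", "asdfghjkl", "zxcvbnm")
# The four character classes the article asks for.
CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")


def has_sequence(pw, n=4):
    """True if pw contains n consecutive characters from a run, either direction."""
    s = pw.lower()
    chunks = (s[i:i + n] for i in range(len(s) - n + 1))
    return any(c in run or c in run[::-1] for c in chunks for run in RUNS)


def audit(pw, min_length=8):
    """Return the list of weaknesses found in pw; an empty list means none."""
    findings = []
    lowered = pw.lower()
    if len(pw) < min_length:
        findings.append("short")
    if lowered in COMMON or lowered.translate(LEET) in COMMON:
        findings.append("common")
    if has_sequence(pw):
        findings.append("sequence")
    if re.fullmatch(r"[A-Za-z]+\d+", pw):  # e.g. Sam12345
        findings.append("word+digits")
    if not all(re.search(c, pw) for c in CLASSES):
        findings.append("missing character class")
    return findings


if __name__ == "__main__":
    # Sample inputs are the article's own examples.
    for sample in ("Pa$sw0rd", "Sam12345", "123456", "13$%As0039St1oE99"):
        print(sample, "->", audit(sample) or "no weakness found")
```

An empty result only means none of these checks fired; it does not measure how guessable the password is.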
What If I Can’t Remember My Password?
The problem with creating a strong password containing 8-16 alphanumeric and special characters is that it’s difficult to remember.
In some cases, it doesn’t even matter if you have a strong memory.
For example, would you be able to remember a password like “X,la3{8n]9j0[4GJ1}[q” right away?
Probably not!
Now, imagine that you have four or five accounts with passwords like these.
Fortunately, there are simple steps you can take to ensure you don’t forget your password:
- You can write down your passwords on a sticky note or in a notebook;
- You can hide passwords in a file on your computer or phone for a quick copy and paste;
- Consider downloading a password manager to generate unique, high-security passwords for all accounts automatically. With this solution, you’ll only need to remember one master password.
Is Password Security Enough?
No, in the modern age, passwords are nowhere near enough to ensure your safety online.
Even the strongest passwords can’t survive brute-force attacks.
Hackers also have several other tools at their disposal to steal your credentials, including spyware, which they can use to watch you as you type in your password.
Therefore, along with using a strong password, you should also:
- Download a VPN to encrypt your data, making tracking your online activities and traffic nearly impossible. Without an encryption key, hackers can’t get into your system and attempt brute-force attacks to steal your passwords;
- Run regular device scans for different types of malware, including viruses, trojans, and spyware, using a powerful internet security suite;
- Enable two-factor and multi-factor verification via biometric authentication or other means wherever possible. These additional security layers can protect you even if hackers manage to steal your passwords.
Conclusion
Passwords may be the most basic level of IT security.
Nonetheless, these short collections of alphanumeric and special characters remain at the frontline of data protection.
So, the last thing you want to do is make it incredibly easy for hackers to breach and infiltrate your devices and accounts by using the most common passwords out there.
To mitigate your security risk, you should create a strong password yourself or leverage a powerful password manager to create a bunch of strong passwords for all your accounts.
Using a VPN and practicing good digital hygiene can also minimize or prevent data breaches and attacks.