Dark Web Passwords The Most Hacked Passwords in 2023

Introduction

In this report, we will analyse the most hacked passwords in 2023, focusing on the vulnerabilities they pose to users. We have gathered extensive data and industry trends from the SafetyDetectives Research Team to compile this report. By analysing leaked data from hacking forums, marketplaces, and dark websites, we aim to identify patterns and trends that make users more susceptible to unauthorised access, identity theft, and data breaches.

Before we delve into the report, we strongly recommend using a password manager like LastPass to enhance your online security. LastPass not only provides a secure storage vault for your passwords but also offers a convenient password generator, enabling you to create strong and unique passwords that are more resistant to malicious actors.

Analysis of Passwords

Total Number of Passwords Analysed

We have analysed a total of 18,419,945 passwords, including:

• 9,056,593 passwords from various worldwide databases.
• 328,000 passwords from hacked .edu users.
• 9,000,000 country-specific passwords.

Top 30 Most Used Passwords in the World

The following passwords are the most commonly used and hacked passwords worldwide:

1. 123456
2. password
3. 123456789
4. 12345
5. 12345678
6. qwerty
7. 1234567
8. 111111
9. 1234567890
10. 123123
11. abc123
12. 1234
13. password1
14. iloveyou
15. 1q2w3e4r
16. 000000
17. qwerty123
18. zaq12wsx
19. dragon
20. sunshine
21. princess
22. letmein
23. 654321
24. monkey
25. 27653
26. 1qaz2wsx
27. 123321
28. qwertyuiop
29. superman
30. asdfghjkl

General Password Trends in the World

• The word “password” and its variations are highly popular as passwords worldwide.
• Common words and phrases, such as “letmein,” “iloveyou,” “princess,” and “superman,” are widely used.
• Keyboard patterns, such as “qwerty,” are commonly employed, with 25% of the top 30 passwords being keyboard patterns.
• Numeric patterns, such as increasing or repetitive numbers, are prevalent in passwords.

Most Common Password Patterns

• Numeric patterns are widely favoured for creating weak and easy-to-guess passwords.
• Increasing or repetitive numeric patterns are observed in the top 10 and top 30 most used passwords.
• The word “hello” is a popular password choice in different languages.
• Certain countries exhibit specific password trends, such as the use of first names in passwords by Italian and Spanish users, and the preference for keyboard patterns amongst Russian users.

Country-Specific Password Analysis

Germany – Top 20 Most Used Passwords

1. 123456
2. 123456789
3. 12345678
4. hallo123
5. hallo
6. 12345
7. passwort
8. lol123
9. 1234
10. 123
11. qwertz
12. ficken
13. 1234567
14. arschloch
15. 1234567890
16. 1q2w3e4r
17. killer
18. sommer
19. schalke04
20. dennis
21. The most common password pattern amongst German users is simple and easy-to-guess increasing numeric passwords, such as “123” and “1234567890.”
22. The word “passwort” (“password”) and keyboard patterns using the German layout, such as “qwertz,” are also popular choices.

France – Top 20 Most Used Passwords

1. azerty
2. marseille
3. loulou
4. 123456
5. doudou
6. 010203
7. badoo
8. azertyuiop
9. soleil
10. chouchou
11. 123456789
12. bonjour
13. nicolas
14. jetaime
15. motdepasse
16. alexandre
17. chocolat
18. coucou
19. camille
20. caramel
21. The most common password pattern amongst French users is the French version of “qwerty” – “azerty.”
22. Common French words and phrases, such as “marseille,” “bonjour,” and “chocolat,” are also popular choices.

Russia – Top 20 Most Used Passwords

1. qwerty
2. 123456
3. qwertyuiop
4. qwe123
5. 123456789
6. 111111
7. klaster
8. qweqwe
9. 1qaz2wsx
10. 1q2w3e4r
11. qazwsx
12. 1234567890
13. 1234567
14. 7777777
15. 123321
16. 1q2w3e
17. 123qwe
18. 1q2w3e4r5t
19. zxcvbnm
20. 123123
21. Russian users predominantly choose keyboard patterns for their passwords, as seen in the top 20 list.
22. Meaningful words, both in Russian and English, are less frequently used as passwords compared to other countries.

Italy – Top 20 Most Used Passwords

1. 123456
2. 123456789
3. juventus
4. password
5. 12345678
6. ciaociao
7. francesca
8. alessandro
9. giuseppe
10. martina
11. francesco
12. valentina
13. qwertyuiop
14. antonio
15. stellina
16. federico
17. federica
18. giovanni
19. lorenzo
20. asdasd
21. First names, such as “francesco,” “alessandro,” and “giuseppe,” are popular password choices amongst Italian users. This practice, when combined with an email address mentioning the same first name, increases password vulnerability.
22. The Italian soccer team “juventus” is also a popular choice among Italian users.

USA – Top 20 Most Used Passwords

1. password
2. 123456
3. 123456789
4. 12345678
5. 1234567
6. password1
7. 12345
8. 1234567890
9. 1234
10. qwerty123
11. qwertyuiop
12. 1q2w3e4r
13. 1qaz2wsx
14. superman
15. iloveyou
16. qwerty1
17. qwerty
18. 123456a
19. letmein
20. football
21. US users have varied password choices, including increasing numeric patterns, keyboard patterns, and common words or phrases.
22. “Qwerty” is a frequently used password, with 25% of the top 20 passwords containing this pattern.

Spain – Top 20 Most Used Passwords

1. 123456
2. 123456789
3. 12345
4. 12345678
5. 111111
6. 1234567890
7. 000000
8. 1234567
9. barcelona
10. 123456a
11. 666666
12. 654321
13. 159159
14. 123123
15. realmadrid
16. 555555
17. mierda
18. alejandro
19. tequiero
20. a123456
21. Spanish users show a preference for numeric patterns, similar to German users.
22. Two famous Spanish soccer teams, “barcelona” and “realmadrid,” have their names in the top 20 password choices.

Top 20 Most Used Passwords for .edu Users

1. 123456
2. password
3. 123456789
4. secret
5. 12345
6. password1
7. football
8. baseball
9. 123123
10. abc123
11. soccer
12. 1234
13. qwerty
14. sunshine
15. basketball
16. monkey
17. ashley
18. princess
19. 12345678
20. 1234567
21. .edu users often choose common passwords, with such passwords constituting 60% of the overall top 30 list.
22. Names of sports, such as “football” and “baseball,” are frequently used as passwords by .edu users.

Analysis of Password Patterns

Worldwide Trends

• The word “password” and its variations are the most popular choices worldwide.
• Culturally relevant words and phrases are widely used, such as “angel,” “dragon,” and “superman.”
• European users, especially Italians and Spaniards, prefer using first names as passwords.
• Russian users differ from other populations and often choose keyboard patterns over meaningful words.

First Names in Passwords

• Many users, particularly Italians, Russians, and Germans, use first names inside passwords, often correlated with their email addresses.

First Names + 123 Patterns in Passwords

• Users sometimes add a “123” prefix or suffix to their passwords, but this simple pattern is highly common and easily guessable by hackers.

Famous People, Brands & Pop Culture Figures in Passwords

• Pop culture references, historic figures, and brand names are frequently used in passwords.
• The names “Christ” and “Jesus” are popular choices, along with brands like “Google,” “Apple,” and “Samsung.”
• TV series like “Friends” and “Star Wars” also influence password choices.
• Sports figures, such as “Ronaldo,” make appearances in passwords.

Hacker’s Top 10 Most Used Passwords List Explained

• The Hacker’s Top 10 most used passwords list is compared to our findings to identify commonalities.
• Passwords like “123456” and “password” are the most insecure choices globally.
• The Hacker’s Top 10 list aligns with the overall password trends, making these passwords highly susceptible to dictionary attacks.

Match Between Countries’ Top 10 and Hacker’s Top 10

• The match between countries’ top 10 passwords and the Hacker’s Top 10 list varies.
• Worldwide, there is an 80% match between the two lists.
• The US and Spain have a 50% match.
• Italy and Russia have a 33% match.
• Germany has a 25% match.
• France has a 10% match.

Additional Insights on Worldwide Password Trends

• Italian and US populations are most likely to use first names or email-related words in their passwords.
• Russian users prefer keyboard patterns and numbers in their passwords.
• The phrase “iloveyou” is a popular choice in various languages.
• Certain passwords, like “111111” or “000000,” are more likely to be used on mobile devices.

Most Common Year Used in Passwords

• Surprisingly, the year 2013 is frequently used as a prefix or suffix in passwords.
• Birth years, significant family years, or the year of password creation are also common choices.
• However, using such easily guessed years compromises password security.

Using Birthdays in Passwords

• Using birthdays in passwords is risky due to their predictability and ease of discovery.
• Attackers can easily obtain or guess birthdays through social media or public records.
• Birthdays are often targeted in brute-force attacks or dictionary-based hacking attempts.
• To enhance password security, avoid incorporating birthdays and instead generate unique and complex passwords using password managers.

How to Improve Password Strength

To improve password strength and protect against hacking attempts, consider the following tips:

• Do not reuse passwords across multiple accounts.
• Use passwords that are longer than 8 characters.
• Avoid including words from your email address in your password.
• Include numbers, capital letters, and special characters in your passwords.
• Avoid common names, cities, or cultural references in passwords.
• Utilise a password manager like 1Password to generate and store secure passwords.

By following these guidelines, you can significantly enhance your password security and protect your online accounts from unauthorised access and data breaches.

Frequently Asked Questions

How many times has my password been hacked?

To determine if your password has been compromised, use a dark web scanner like the one offered by Norton’s security suite. These scanners search the dark web for leaked databases and breached accounts, providing insights into the security of your passwords. By inputting your email address into the scanner, it cross-references it against known breaches and informs you if your password has been compromised. This proactive approach allows you to assess password vulnerability and take necessary actions, such as changing compromised passwords and adopting stronger security measures.

Does changing my password stop hackers?

Changing your password can stop hackers, but it is crucial to change it to a strong and unique password. Merely altering a weak password or creating another easily guessable password does not provide effective protection. Use a secure password manager to generate complex passwords that are resistant to brute-force attacks. Regularly changing passwords, coupled with strong password practices and multi-factor authentication, significantly strengthens your defences against hacking attempts.

What is the least common password?

The least common password is one generated by a password manager, incorporating a mix of numbers, letters, symbols, and special characters. Password managers create highly unique and random passwords that are rarely used by individuals. By avoiding commonly used words or patterns, password managers generate robust and secure passwords that are difficult for hackers to guess or crack.

Why are strong passwords important?

Strong passwords are important for several reasons. They prevent unauthorised access to your accounts, protect sensitive information, and mitigate the impact of data breaches. Strong passwords are resilient against brute-force attacks and dictionary-based hacking attempts. By using strong and unique passwords, you reduce the likelihood of multiple accounts being compromised. Strong passwords, along with additional security measures like two-factor authentication, contribute to a comprehensive cybersecurity strategy, enhancing overall online security.