January 25, 2025, 9:00 am | Read time: 3 minutes
To protect sensitive information and data, you need a secure password. However, experts warn that hackers can crack insecure or bad passwords in less than a second. TECHBOOK reveals what these are and how you can best protect yourself.
The internet has made our lives easier in many ways, but also much less secure. With a little knowledge and talent, hackers can easily gain access to sensitive data that we would rather keep under lock and key. That’s why we protect our data and accounts as best we can with passwords that are designed to prevent strangers from gaining access. But anyone who chooses a simple password out of convenience and then, in the worst case, uses it everywhere should beware. Experts have conducted research to uncover some of the most frequently used and most insecure passwords. The frightening result: less than a second would be enough for fraudsters to crack many of them.
These Are the Most Insecure Passwords
Many people want to make it easy for themselves and choose a very easy password so that they don’t forget it so quickly. In addition, laziness usually wins out, and the insecure password is used for almost all logins and accounts. This can actually backfire. Hackers are now able to crack passwords in less than a second.
The password manager, Nordpass, regularly carries out an analysis and identifies the most common and, therefore, the most insecure passwords. To do this, they analyze large databases in collaboration with experts who specialize in cybersecurity incidents. The last analysis took place in 2024. The results can be filtered both globally and individually for 44 countries.
The list of passwords used worldwide in 2024 is as follows:
- 123456
- 123456789
- password
- qwerty123
- qwerty1
- 111111
- 12345
- secret
- 123123
- 1234567890
There is also an analysis for Germany. Even if you find it harder to remember difficult passwords, you should never use one of these ten passwords in Germany, as hackers need less than a second to crack them:
- 123456
- 123456789
- 12345678
- 1234567
- password
- 1234567890
- 123123
- 111111
- abc123
- 000000
Users should also avoid certain information such as their name, their partner’s, or their pet’s name – this information helps fraudsters crack a password more quickly. The name of the street where you grew up, your favorite vacation spot, or the sports team you are a fan of are also taboo. Fraudsters can find all of this information via the details you provide on social networks such as Facebook.
This Is What a Secure Password Looks Like
An ideal password should always be long and complex. The Hasso Plattner Institute, an IT organization with a focus on cyber security, among other things, recommends the following points for passwords:
- Long passwords, ideally more than 15 characters
- Always use different passwords
- Use password managers
- Change passwords regularly
- Activate two-factor authentication if possible
The German Federal Office for Information Security (BSI) also offers guidance on creating a secure password. Among other things, the password should have at least eight characters. For encryption methods for WLAN (WPA2 or WPA3), the ministry recommends at least 20 characters. All available characters should be used in the password. This includes numbers, letters (upper and lower case), and various special characters.
Risk potential "high" Security vulnerabilities discovered in popular free password managers
Chip, magnetic strip, … What data is stored on bank cards and credit cards, and where is it stored?
Locking, backing up data, … What should I do if I have lost my cell phone?
Password Managers Are Helpful
If you can’t and don’t want to remember countless passwords, you can also try a password manager. Otherwise, it is always advisable to double-protect accounts, for example, by using two-factor authentication. Many providers or service providers already offer this.