Seven years since our first top 200 common passwords list, we’ve witnessed how credential trends have changed — and what has remained the same. Each year, we rediscover people’s tendency to opt for weak passwords that prioritize convenience over security.

However, this year, we decided to ask ourselves: How do different generations treat their password use? From the silent generation to the “zoomers,” we analyzed which passwords are the most common among different user groups. As it turns out, bad password habits are trendy no matter how old you are.

  • SanctimoniousApe@lemmings.world
    4 hours ago

    Methodology

    The Top 200 Most Common Passwords report is the result of a joint effort between NordPass and NordStellar, prepared in collaboration with independent researchers specializing in cybersecurity incidents. Recent public data breaches and dark web repositories were analyzed from September 2024 to September 2025 to identify statistically aggregated data. No personal data was acquired or purchased for this research.

    Okay, so how valid is this really if they’re only using those passwords that were hacked?

    • t3rmit3@beehaw.org
      3 hours ago

      It’s very valid. The password dumps they’re analyzing aren’t based on attackers brute-forcing, they’re based on attackers breaching sites’ backends and dumping the user databases. Some of these are sites with millions of records, and when you look at credential-stuffing lists (which are aggregate lists of currently-accessible accounts using previously-breached credential pairs), it adds millions more.

      Sort this list by year, and you can see there’s tens of millions of leaked passwords in 2025 alone: https://haveibeenpwned.com/PwnedWebsites