How secure are passwords? For many, the answer is probably not very secure. The NordPass survey, developed by the team behind one of the best VPNs, NordVPN, reveals the top 200 most commonly used passwords in 44 countries over the last year. This is the sixth time the survey has been conducted, and this year, for the first time, it reveals both personal and corporate password data.

Globally, “123456” is the most common, used over 3 million times. Adding “789” to this number makes it the second most common password, used by 1.6 million people. This year, nearly half of the world's most common passwords are made up of the simplest keyboard combinations of numbers and letters, with “qwerty” and its many variations occupying the top 20 spots.

The U.S. tops the list with “secret,” which was not among the top passwords chosen by Americans last year. The word “password” can now be considered one of the most common and persistent passwords. In the U.S., it is the third most used password, and in the U.K. and Australia it is the first.

Research shows that 78% of the world's most common passwords can be cracked in less than a second. Compared to last year (70%), the situation has worsened. Experts have repeatedly urged Internet users to make their passwords stronger, but many seem to misunderstand the challenge.

The popularity of “qwerty” is being challenged by the equally weak “qwerty123,” which is now the most common password in Canada, Lithuania, the Netherlands, Finland, and Norway. In the U.S., this password has made significant strides this year and has entered the top five.

This year's survey also examines corporate password usage. You may or may not be surprised to find that 40% of the most commonly used passwords between individuals and company representatives are the same.

However, there are some interesting differences: default passwords such as newmember “ or” admin “ are more commonly used in business accounts; passwords such as newpass ‘ or’ temppass ”, presumably created for new users and changed passwords that are intended to be changed are often leaked because people are less inclined to change their passwords.

“Whether I'm wearing a suit and tie at work or scrolling through social media in my pajamas, I am the same person. In other words, no matter what environment I'm in, my password choices are influenced by the same criteria-usually convenience, personal experience, and cultural milieu,” says Carolis Albasiauskas, head of business products at NordPass. 15]

”Ignoring these considerations and putting password management companies that leave it in the hands of their employees are putting both their own and their customers' security at risk online”

.

According to a previous NordPass survey, a single Internet user has an average of 168 passwords for personal use and 87 for work. Managing such a load is too complex for most people, and experts say it's no wonder people create weak passwords and reuse them.

However, weak passwords created by company employees are useful to hackers because they can easily gain access to company IT systems through brute force attacks, dictionary attacks, or similar large-scale attacks. Another common scenario is that hackers use compromised employee personal credentials to break into the company.

If you are concerned about the strength of your passwords, don't panic. Personal security can be improved quickly in a few steps.

The first and easiest step is to create longer and more complex passwords. Passwords should be as long as possible, at least 20 characters, and a random combination of letters, numbers, and special characters. Longer passwords work wonders and can be easily changed. You can also use a long string of random words called a passphrase.

The second easy step is to not reuse passwords. This is because once one account is stolen, hackers can use the same credentials for other accounts.

These are quick and easy steps to instantly increase the security of your accounts. Going further, if you can afford it, there are a number of password solutions. One of these is the use of a password manager. With a password manager, you can easily and securely store all your passwords in one place. With the autofill feature, there is no need to remember passwords, and many good password managers will generate and remember secure and complex passwords for you.

You can also set up two-factor authentication (2FA). If your password is compromised, 2FA prevents hackers from gaining access to your account; 2FA alerts are often sent to your cell phone, and you must authorize the login before you can access your account.

NordVPN's Plus plan includes NordPass, a password manager, as well as Threat Protection Pro, Nord's cybersecurity monitoring tool that scans for data leaks and protects against malware and phishing threats It scans for data leaks and protects against malware and phishing threats. One of the best beginner VPNs, ExpressVPN includes ExpressVPN Keys in its plans. One of the most secure VPNs, Proton VPN's development team also offers a password manager; Proton Pass focuses on privacy and is included in the Proton Unlimited plan.

Switching to Passkey is another option. Passkey is considered the most promising alternative to permanently replacing passwords. Most online service providers these days, including Google, Microsoft, and Apple, offer passkey support.

Companies can adopt password policies within their organizations and set up 2FA and rules to protect employee information. Since human error remains a major cause of cybercrime, following these steps and changing the way you use passwords can help protect yourself online.