Overview
- NordPass and partner NordSteller analyzed passwords exposed in public breaches and dark‑web repositories from September 2024 to September 2025 to compile a global top‑200 list.
- '123456' ranked as the most common password worldwide for the seventh year, with 'admin' second globally and the top choice in the US, UK, Australia, Canada, Germany, Ukraine, and the UAE.
- In the US, 'admin' led the top‑10 list, while country snapshots show '123456' at No. 1 in India and 'admin' newly at No. 1 in South Africa.
- Use of special characters rose to 32 of the 200 most common passwords from six last year, typically in predictable forms such as P@ssw0rd and Admin@123 that offer limited protection.
- Password weakness is consistent across generations, with Gen Z most often using '12345' and older groups favoring '123456', and experts urge 20‑character unique passwords, password managers, and multi‑factor authentication.