NEWNow you can listen to Fox News articles!
Passwords play a huge role in how you stay safe online. They protect your accounts, devices and money. However, many people choose logins that criminals can guess in a matter of seconds.
Last NordPass report shows this problem again. This year, “admin” took first place as the most common password in the United States.
NordPass and NordStellar, two cybersecurity companies that track credential leaks and online threats, analyzed millions of exposed passwords to identify trends. They also looked at how password habits differ across generations. The pattern is clear: many of us still rely on simple words, simple number lines, and familiar key combinations. This choice gives attackers quick access to countless accounts.
Subscribe to my FREE CyberGuy Report
Get my best tech tips, breaking security alerts, and exclusive offers straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
183 Million Email Passwords Leaked: Check Yours Now
Weak passwords like “admin” allow attackers to quickly break into your accounts before you even know it. (Kurt “CyberGuy” Knutsson)
The most common passwords in the USA
NordPass has published a list of the 20 best services for 2025. “Administrator” takes first place. Variants of the word “password” occupy five places. Number lines appear nine times. One explicit term even made the list.
Here are the 20 most common passwords in the US this year:
- administrator
- password
- 123456
- 12345678
- 123456789
- 12345
- Password
- 12345678910
- Gmail.12345
- Password1
- Aa123456
- damn it
- 1234567890
- abc123
- Welcome1
- Password1!
- password1
- 1234567
- 111111
- 123123
Weak logins remain a serious problem as criminals rely on automated tools. These tools try simple words and common patterns first. When millions of people reuse the same simple passwords, attackers quickly become successful.
HOW TO USE KEYS TO SECURE YOUR COMPUTER
Repeated use of the same login on different sites allows criminals to easily move from one hacked account to another. (Kurt “CyberGuy” Knutsson)
Global trends show similar risky password behavior.
The United States is not alone. Around the world, “123456” is considered the most common password. “Administrator” and “12345678” immediately follow. These patterns appear because they are easy to remember. Unfortunately, they are also easy to hack.
Researchers have noticed one change worth noting: More and more passwords now contain special characters. The increase is sharp. However, most examples remain weak. Strings like P@ssw0rd and Abcd@1234 still follow predictable rules that tools can break with little effort.
The word “password” remains popular throughout the world. People even use it in local languages. This shows how widespread the problem is.
Why younger generations are still making unsafe password choices
Many people assume that young people understand digital security. They grew up with phones and social media. Research shows that this assumption is incorrect.
NordPass found that an 18-year-old often chooses the same weak password patterns as an 80-year-old. Young users prefer long sequences of numbers. Older users tend to favor names. Neither group produces safe or random strings. Generations Z and Y tend to avoid names. Generation X and older use them frequently. Each approach carries risk because attackers expect both models.
SCAMS ARE AIMED AT CHILDREN WHILE PARENTS KEEP SILENT
Researchers have found that weak and predictable passwords continue to appear again and again in leaked data. (Kurt “CyberGuy” Knutsson)
Why weak passwords remain a big threat
Weak passwords feed data leak and account takeovers. Criminals run scripts that check billions of combinations every second. If your password is shared, they get hacked quickly.
One stolen login could expose your email, social media accounts, banking information and more. Many attacks start this way. Once criminals get into one account, they often try to use the same password for others.
How to keep your passwords secure
You can improve your digital security with a few simple habits. These steps will help you block common attacks and protect your accounts.
1) Create strong random passwords
Choose long passwords or short passphrases. Aim for a minimum of 20 characters. Combine letters, numbers and special characters. Avoid templates.
2) Avoid reusing password
Use a unique password for each account. If one login is hacked, the others will remain safe.
3) Review and update weak passwords.
Check your old logins. Replace anything short, predictable or reusable. New passwords reduce your risk.
4) Use a password manager
A password manager creates secure passwords and stores them securely. It also fills them out for you, so you don't have to remember them.
Next, check to see if your email has been compromised in past hacks. Our #1 best password manager includes a built-in breach scanner that checks to see if your email address or passwords have appeared in known breaches. If you find a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best password managers of 2025, reviewed by experts, at Cyberguy.com.
5) Enable multi-factor authentication (MFA).
Ministry of Foreign Affairs adds a second check before logging in. This is one of the easiest ways to block intruders.
6) Keep your software updated.
Update your phone, computer browsers and applications regularly. These updates address security holes that criminals try to exploit. When you fall behind on updates, weak passwords become even more risky, as attackers can combine old software flaws with a simple login.
Pro tip: Use a data removal service
Password leaks often come from old profiles on data broker sites that you forgot about. A data removal service can erase your personal information from these sites and reduce the amount of your data that ends up on abuse lists. When less of your information is shared online, your accounts become less tempting targets.
While no service can guarantee complete removal of your data from the internet, a data removal service is indeed a smart choice. They don't come cheap, and neither does your privacy. These services do all the work for you, actively monitoring and systematically removing your personal information from hundreds of websites. This is what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk that scammers will link leaked data to information they can find on the dark web, making it harder for them to target you.
Check out my top data removal services and get a free scan to see if your personal information has already been published online by visiting Cyberguy.com.
Get a free scan to see if your personal information has already been published online: Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Kurt's key takeaways
Weak passwords will remain a huge problem in 2025, even with new tools and better education. You have the opportunity to improve your security with a few quick changes. When you form strong habits, it becomes harder for criminals to break into your accounts. Small steps add up quickly and provide much greater protection online.
What do you think drives people to use weak passwords even when the risks are obvious? Let us know by writing to us at Cyberguy.com.
Subscribe to my FREE CyberGuy Report
Get my best tech tips, breaking security alerts, and exclusive offers straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright CyberGuy.com 2025. All rights reserved.
