Comparitech just released a study that shows we’re still pretty bad at choosing strong passwords. ‘123456’ Still Tops the Password Charts. They looked at data from 2025 breaches, going through over two billion leaked passwords to figure out which ones people keep reusing.
It turns out people still aren’t getting very creative with their passwords. The top three are the usual suspects, “123456,” “12345678,” and “123456789.” Right behind them is “admin,” and the old favorite “password” is still hanging on in eighth place. Somehow, even “123” and “1111” made the top twenty.
If you want to see how bad things really are, just look at the numbers. “123456” turned up 7.6 million times, yes, million. Even “minecraft,” sitting at number 100, showed up close to 70,000 times, with “Minecraft” popping up another 20,000. There were even local twists like “India@123,” which landed at 53rd place.
The report describes the findings as a “showcase of human laziness,” and the data support that view. One in four of the top 1,000 passwords consisted only of digits, while 38% included “123.” Another 2% used “321,” and 3.1% featured “abc.” A notable number were simply repetitions of a single character.
We’ve all heard the advice: make your password at least 12 characters long. But hardly anyone listens. Around two-thirds of the most common passwords are shorter than that, almost 7% have fewer than eight characters, and only a tiny 3% go beyond sixteen.
If you actually want to stay safer online, start with a password manager. Sure, nothing’s perfect, but it’s miles better than reusing “123456” everywhere. And don’t skip two-factor authentication, it’s one of the easiest ways to stop someone from breaking into your accounts.
Weak passwords aren’t just a problem for individuals. In one striking example, reports revealed that the Louvre museum’s video surveillance system was protected by the easily guessed password “LOUVRE.”
Maybe you would like other interesting articles?