Most common passwords Australia 2023, how quickly they’re hacked

A list of the most common passwords for 2023 has been released, and many of them can be hacked in less than a second.

Global password manager NordPass trawled 10.9 terabytes of publicly available databases, including those on the dark web that are used by cybercriminals to infiltrate and steal identities.

It found the world’s most popular password is, once again, “123456” — a number chain that’s used by 4.5 million people and guessed by hackers in less than a second.

But in Australia, “123456” is only the second most popular password. The most common password Down Under is “banned”, which was cracked in just two minutes.

NordPass found the least secure passwords tended to be used for streaming services, likely because they are often shared with others. Financial services passwords, on the other hand, tended to be most secure.

The revelation comes after the annual Cyber Threat Report announced a 23 per cent year-on-year increase in cybercrimes in Australia, amounting to a cybercrime reported every six minutes.

The Australian Signals Directorate received 94,000 reports of cybercrimes over the past year, but experts say the real number is likely much higher as many choose not to report.

Australia’s most common passwords

  1. Banned — 2 minutes to crack
  2. 123456 — less than a second to crack
  3. Admin — less than a second to crack
  4. password — less than a second to crack
  5. 1234 — less than a second to crack
  6. qwerty123 — less than a second to crack
  7. 12qwasZX — less than a second to crack
  8. 12345 — less than a second to crack
  9. 12345678 — less than a second to crack
  10. 1qwerty — less than a second to crack
  11. Qwerty123 — less than a second to crack
  12. 123456789 — less than a second to crack
  13. Starwars29 — 3 seconds to crack
  14. welcome11 — 2 seconds to crack
  15. ******** — less than a second to crack
  16. Deadman01 — one minute to crack
  17. Password1 — less than a second to crack
  18. 111111 — less than a second to crack
  19. Password — less than a second to crack
  20. Abc123 — less than a second to crack

Tips for stronger passwords

NordPass recommended that internet users choose a password that’s at least 20 characters long, with a mix of upper case and lower case letters, numbers and symbols.

Once that lengthy chain has been thought up, it should never be reused as a password for another site. That way, if one of your accounts is hacked, the rest aren’t put at risk.

Avoid using easily guessed information like birthdays, names or common words.

Originally published as World’s most common passwords: Change your password if it’s on this list