Most Popular Passwords Cracked Within a Second
Passwords are the first line of defense for protecting sensitive data, yet millions of users worldwide continue to rely on weak and predictable combinations. A recent study by KnownHost reveals alarming trends in password security. It shows that many commonly used passwords can be cracked in less than a second. With the average cost of […] The post Most Popular Passwords Cracked Within a Second appeared first on Cyber Security News.

Passwords are the first line of defense for protecting sensitive data, yet millions of users worldwide continue to rely on weak and predictable combinations.
A recent study by KnownHost reveals alarming trends in password security. It shows that many commonly used passwords can be cracked in less than a second.
With the average cost of a data breach projected to reach $4.88 million in 2024, a 10% increase from 2023, users must adopt stronger password practices to safeguard their digital assets.
Most Hackable Passwords
KnownHost’s analysis highlights the ten most hackable passwords, with predictable numerical sequences dominating the list.
The most commonly used password, 123456, has been employed over 3 million times and has appeared in more than 50 million data breaches. Its simplicity and lack of complexity make it an easy target for hackers, requiring less than a second to crack.
This table organizes the data for better readability and comparison.
Notable entries include:
- 123456789: Used 1.6 million times and involved in 20.5 million breaches.
- 1234: A four-character password that ranks third due to its shortness and simplicity.
- 12345678: With nearly 9.9 million breaches, it remains a popular yet insecure choice.
- 12345: Despite being slightly longer than 1234, it fares no better in terms of security.
The study also identifies the most hackable letter-based password as a password, ranking sixth on the list.
It has been used 692,000 times and implicated in over 11 million breaches, exemplifying how predictable words are just as vulnerable as numerical sequences.
Similarly, admin, a typical default password, ranks eighth with nearly 5 million breaches.
In tenth place is abc123, the only combination of letters and numbers in the top ten. While slightly more complex than pure numerical or alphabetical passwords, its predictability still makes it highly susceptible to attacks.
Key Findings
Lack of Special Characters: None of the top 200 passwords analyzed included special characters, such as @, #, or !. This omission significantly reduces password strength.
Character Composition: 65.5% of passwords were combinations of letters and numbers. 23.5% consisted solely of letters, and only 11% were purely numerical, yet these accounted for the majority of data breaches.
Password Length: The most common length among the top 200 passwords was eight characters (20.5%), while four-character passwords were the least common (0.5%).
The study utilized NordPass’s database of the top 200 global passwords, cross-referencing them with breach data from Pwned, spanning from 2007 to 2025. To rank the passwords, KnownHost applied min-max normalization, assigning scores between 1 and 10 based on frequency and vulnerability.
This study underscores the urgent need for users to adopt stronger password practices:
- Use passwords that are at least 12 characters long.
- Include a mix of uppercase and lowercase letters, numbers, and special characters.
- Avoid using dictionary words or predictable sequences like 123 or password.
Organizations can also contribute by enforcing stricter password policies and implementing multi-factor authentication (MFA) to add an extra layer of security.
As cyber threats evolve, so too must our approach to password security. By moving away from predictable combinations like those listed above, users can significantly reduce their risk of falling victim to data breaches in an increasingly connected world.
Free Webinar: Better SOC with Interactive Malware Sandbox for Incident Response and Threat Hunting – Register Here
The post Most Popular Passwords Cracked Within a Second appeared first on Cyber Security News.