NordPass, the password management tool from the team behind NordVPN, released its list of the 200 most common passwords in 2022 — and it turns out people are still using notoriously weak passwords.
The most common password in the world this year was the infamously bad "password", and it took hackers under one second to crack it. The same goes for the second and third most common passwords: "123456" and "123456789", respectively.
NordPass compiled its list with the help of independent cybersecurity researchers who analyzed a three terabyte database to produce their findings. The list is full of fascinating (and cautionary) tidbits. For instance, nearly 5 million people around the world used "password" as their password. And of the 20 most common passwords, 18 were guessed in under one second.
The most important takeaway, though? If your password is on the list, it's time to make a change.
To ensure you're not hacked, here's NordPass' 20 most common passwords in the world for this year — and what to do if yours is one of them:
Bitwarden, an open source password manager, found 31% of survey respondents in the U.S. experienced a data breach within the last 18 months, according to its 2022 password management survey. To avoid adding to that statistic, NordPass recommends choosing a complex password of at least 12 characters with a variety of upper and lowercase letters, symbols and numbers. A password generator is a helpful way to form these kinds of complex passwords.
You should also refrain from reusing a single password for multiple accounts, though the impulse is understandable — and common. The Bitwarden 2022 password management survey found more than 8 in 10 Americans reuse passwords across websites, with 49% of respondents saying they rely on memory to oversee their passwords.
That brings us to another key piece of password hygiene: You might also consider using a password manager, like LastPass, 1Password, NordPass or Bitwarden, to store, manage and access passwords, which removes the fickle nature of your own memory.
In addition, NordPass recommends routinely checking what accounts you're actually using. Unused accounts are an online security risk, since a breach could go unnoticed.
Finally, you should regularly check the password strength of your existing passwords and update them with fresh and complicated ones. Even if you're not using "password" as a password, your cybersecurity efforts could probably use an upgrade.
Want to earn more and work less? Register for the free CNBC Make It: Your Money virtual event on Dec. 13 at 12 p.m. ET to learn from money masters like Kevin O'Leary how you can increase your earning power.