February 27, 2021

73% of the world’s most popular passwords can be cracked in less than a second

Pin It

How do hackers hack passwords? It’s easier than you think

20 January, 2021. According to the data provided by the NordPass password manager, 73% of the most popular passwords people use can be hacked in less than a second.  

Here are the top 10 passwords of 2020, along with the time it takes to hack them and the number of times they’ve been exposed in various data breaches.  

PasswordHow long would it take to crack it?How many times has it been exposed?
123456Less than a second23,597,311
123456789Less than a second7,870,694
picture13 hours11,190
passwordLess than a second3,759,315
12345678Less than a second2,944,615
111111Less than a second3,124,368
123123Less than a second2,238,694
12345Less than a second2,389,787
1234567890Less than a second2,264,884
senha10 seconds8,213

Interestingly, last year, after analyzing the top passwords from 2019, NordPass researchers found out that 70% of the passwords could be cracked in less than a second. This is 3% less than in 2020.

“The lesson here is that millions of people still use generic and weak passwords and don’t hear the message that a strong password is one of the most important measures for those who want to be secure online,” says Chad Hammond, a security expert atNordPass.

How do hackers crack passwords?

The most common is the so-called “brute-force” attack. It’s an automated, common, and effective method to hack people’s passwords. 

When brute-forcing your password, hackers check if your password is among the most popular. They will also check all the known information you might use for your passwords, such as your name, address, favorite band, sports team, or your pet’s name. Hackers might also use a program that will tweak this information by adding more data, like numbers or special symbols.

They will also translate words into Leetspeak (where “password” becomes “p422W0Rd”) or scan “rainbow tables”. These are vast sets of tables filled with hash values pre-matched to possible plaintext passwords.

In addition to that, hackers will check if your other accounts have been breached and whether you’ve reused the same password for another account. “That’s why it’s so important to use unique passwords for all accounts. Unfortunately, according to our survey, 63% of people reuse their passwords,” says Chad Hammond, security expert at NordPass.

What do cybersecurity experts recommend?

“We recommend that people use strong passwords that are lengthy and contain letters, numbers, and special characters. In addition, the passwords must be unique for every account. Furthermore, it’s a good idea to use multi-factor authentication to enhance your protection even further,” says Chad Hammond, security expert at NordPass.

How did NordPass calculate the time it takes to crack the password?

Breaking a simple 7-character password with no special symbols or uppercase letters can take as little as 0.29s. Add at least two characters, and the time to crack the password will increase to approximately 5 years. However, the time it will take to crack a password also depends on the computer the hacker uses.  You can check how long it would take to crack a password here.


NordPass is a password manager powered by the latest technology for the utmost security.  Developed with affordability, simplicity, and ease-of-use in mind, NordPass allows users to access passwords securely on desktop, mobile, and browsers. All passwords are encrypted on the device, so only the user can access them. NordPass was created by the experts behind NordVPN — the advanced security and privacy app trusted by more than 14 million customers worldwide. For more information: nordpass.com.

Print Friendly, PDF & Email
About ieyenews

Speak Your Mind