top of page

Most common passwords of the year yours on the list?!

Internet security firm SplashData has published this year’s Worst Passwords List, which includes the most commonly used passwords in 2022. Is your password on the list? If it is, you may want to change it…

Every year, SplashData publishes a list of the year's most popular passwords. The main source for this list is data breaches that occur when private data is leaked on the dark web.

Many of us keep simple passwords to avoid forgetting them. However, this habit may be hazardous to your cyber health.

We have spoken before about the virtues of strong passwords (using three random words, or complicated alpha-numerical sequences) and using password managers to help you store them safely without having to write them down.

When you use simple passwords, hackers can easily break into your account. Passwords can be easily cracked using brute force methods or rainbow table techniques, putting your important data and assets at risk. They may be leaked or stolen, leaving you vulnerable.

So let's look at the most popular passwords in 2022 according to SplashData. If your password is on this list, we suggest you change it immediately to secure your account.

Making up SplashData’s top 10 most common passwords of 2022 are…

  1. 123456

  2. 123456789

  3. qwerty

  4. password

  5. 1234567

  6. 12345678

  7. 12345

  8. iloveyou

  9. 111111

  10. 123123

It’s astonishing that 123456 and its variants are still so commonly used, and the use of ‘password’ is just beyond crazy! Last November we wrote a blog which revealed that more than 23 million users worldwide used 123456 as a password! It seems that the trend is not diminishing.

Other common passwords high on the list are:

  • Nothing

  • Secret

  • Password1

  • Admin

'Password1'. Really?! Still?!! Many passwords remain on these lists year upon year because people continue to ignore basic steps to make them stronger. People simply do not pay attention until they become victims of fraud or a scam.

Aside from the most common passwords of 2022, here is a list of common passwords from recent years, which were also published by SplashData. As before, if your password appears in the list below, we strongly advise you to change it.

  • 12345

  • 123456

  • 123456789

  • test1

  • password

  • 12345678

  • zinch

  • g_czechout

  • asdf

  • qwerty

  • 1234567890

  • 1234567

  • Aa123456.

  • iloveyou

  • 1234

  • abc123

  • 111111

  • 123123

  • dubsmash

  • test

  • princess

  • qwertyuiop

  • sunshine

  • BvtTest123

  • 11111

  • ashley

  • 00000

  • 000000

  • password1

  • monkey

  • livetest

  • 55555

  • soccer

  • charlie

  • asdfghjkl

  • 654321

  • family

  • michael

  • 123321

  • football

  • baseball

  • q1w2e3r4t5y6

  • nicole

  • jessica

  • purple

  • shadow

  • hannah

  • chocolate

  • michelle

  • daniel

  • maggie

  • qwerty123

  • hello

  • 112233

  • jordan

  • tigger

  • 666666

  • 987654321

  • superman

  • 12345678910

  • summer

  • 1q2w3e4r5t

  • fitness

  • bailey

  • zxcvbnm

  • 121212

  • buster

  • butterfly

  • dragon

  • jennifer

  • amanda

  • justin

  • cookie

  • basketball

  • shopping

  • pepper

  • joshua

  • hunter

  • ginger

  • matthew

  • abcd1234

  • taylor

  • samantha

  • whatever

  • andrew

  • 1qaz2wsx3edc

  • thomas

  • jasmine

  • animoto

  • madison

  • 0987654321

  • 54321

  • flower

  • Password

  • maria

  • babygirl

  • lovely

  • sophie

  • Chegg123

Precautionary measures

There are simple preventative measures you can put in place to ensure your password is safe and strong.

These methods will give you the best security against those who want to target your accounts.

  • Don’t use words that are easily guessable like the name of a relative, pet, place, sport, team, or any of your favorite activities. Note the amount of common names in that list above!

  • Use a combination of letters, numbers, and symbols for the best results.

  • Create a password by combining random words.

  • Use a password manager to save passwords.

  • Use two-factor authentication or multi-step authentication. Even if a hacker has your password, they will find it hard to get past this extra level of security.



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page