10 most hacked passwords revealed in 2019 report

If your password is easy to remember, chances are it may also be easy to hack.

Though it's frustrating to keep track of a complicated password — constructed of random numbers, capital letters and special characters — cybersecurity experts say it's still the best way to protect your personal information. And it's vital to create separate passwords for different accounts.

Ian Levy, the technical director of the National Cyber Security Centre (NCSC) in the U.K., said recycling passwords or picking something that's easily associated with you is also dangerous.


“Nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favorite band," Levy said this week in an online statement.

In order to nudge tech-savvy people in the right direction when it comes to staying secure online, the NCSC teamed up with Troy Hunt, an Australian cybersecurity expert who created Pwned Passwords API, to analyze millions of breached accounts worldwide to determine the most common hacked passwords.


After sifting through the top 100,000 hacked passwords, the agency pointed to these 10 as the most hacked.

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 111111
  6. 12345678
  7. abc123
  8. 1234567
  9. password1
  10. 12345

The top hacked password, "123456," was identified 23 million times in breaches, according to data the agency collected. The second worst password pick was "123456789," which was used 7.7 million times by breached users and the password "qwerty" had been hacked at least 3.8 million times.

NCSC also discovered that people frequently use names, famous musicians and fictional characters to craft their passwords.

Here are the five most common names used as passwords in breaches.

  1. Ashley
  2. Michael
  3. Daniel
  4. Jessica
  5. Charlie

Here are the five most common musician-inspired passwords in breaches.

  1. Blink182
  2. 50 Cent
  3. Eminem
  4. Metallica
  5. Slipknot

To prevent potential hacking, Levy recommended "combining three random but memorable words" together to create your passcode.

"Be creative and use words memorable to you, so people can’t guess your password," he suggested.