'123456' remains India’s most used password for 2nd year: Report

New Delhi, Nov 19 '123456' has once again emerged as India’s most common password, topping the list for the second consecutive year, a new report said on Wednesday.

The data compiled by password manager NordPass analysed passwords used globally and in 44 countries, with a special focus this year on how different generations choose their passwords.

The report shows that Indians continue to rely heavily on extremely weak and predictable passwords.

After '123456,' the next most used passwords in India include 'Pass@123' and 'admin,' followed by simple numeric sequences such as '12345678,' '12345,' and '123456789.'

Despite adding symbols like '@' or capital letters, combinations like 'Admin@123,' 'Password@123,' and 'Abcd@1234' remain easy to guess.

The research notes that many Indians try to make their passwords appear strong by inserting special characters, but the overall patterns are still very easy for hackers to crack.

Personal elements also influence password choices. Names and patriotic references appear frequently, with passwords such as 'Kumar@123,' 'Global123@,' and 'India@123' making the country’s top list.

Experts warn that while such combinations may feel more personal or unique, they follow predictable formats that can be easily targeted by automated attacks.

Globally, the findings are similarly worrying. “123456” is again the world’s most common password, followed by “admin” and “12345678.”

Simple numeric patterns like “12345,” “1234567890,” and easy combinations such as “qwerty123” dominate lists across countries.

Researchers also observed a significant rise in the use of special characters this year -- with 32 passwords on the global list containing them, compared to just six last year. However, most of these remain predictable variations of common words or number patterns.

Karolis Arbaciauskas, head of product at NordPass, said that overall improvements in password hygiene remain slow despite years of awareness campaigns.

Arbaciauskas added that until passwordless authentication methods like passkeys become widespread, strong, unique passwords are essential.

“Around 80 per cent of data breaches are caused by weak, reused, or compromised passwords,” he noted.

The report also found that generational differences are minimal.

In fact, the most popular passwords among 18-year-olds look very similar to those used by 80-year-olds. Numeric sequences like “12345” and “123456” dominate every age bracket.

Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor