- Companies have not yet stopped using easily cracked passwords
- Germany, the United States and China suffer most password violations
- 123456, the password and Qwerty are still being used in 2025
Many companies are still using weak passwords that can be broken in less than a second in case of a brute force attack to ensure their accounts, according to a new investigation of one of the best password administrators, NordPass.
Passwords such as ‘123456’, ‘Secret’ and even ‘password’ are being used by thousands of companies worldwide, resulting in an easy selection for computer pirates.
The investigation also found that Germany was in the world for password violations, with 582,067 incidents, closely followed by the US. UU. With 502,435, and China at 448,375.
The password is ‘password’
NordPass research used a 2.5 Terabytes database compiled from numerous publicly available data sets, including some of the dark network that covered 11 industries.
For Enterprise, the most common password in the database was’ 123456789 ‘with 378,182 uses, followed by the’ 123456 ” much easier to remember with 356,341 uses, and only to round everything ‘12345678’ comes in third place with 145,688 uses.
The small and medium -sized companies are not much better, with ‘123456’ overcoming the list for both with a total of 852,861 in both business sizes. Other classic passwords such as ‘Qwerty123’, ‘ABC123’ E ‘Iloveyou’ also appear on the list, taking less than a second in crack.
Interestingly, the 28th password most used in the ‘NordPass data set was’ Timelord12′, possibly suggesting that a IT worker with a love for Peter Capaldi’s work as the twelfth doctor in the doctor who was in charge of creating more than 30,447 accounts that were later exposed.
NordPass also found that many users who did not use the most common passwords often used their own email address as their password, which makes it quite easy for an attacker to decipher their accounts. The names were also a common inclusion in the database, which suggests that employees were using their own names as a password.
If you have seen your password somewhere in this article or in NordPass investigation, it could be time to change it to something safer, so that you are not responsible for a violation.
To better protect corporate accounts, companies must establish rules for creating passwords that hinder the use of simple passwords that can be easily deciphered. NordPass also offers a business password administrator level to help companies generate and store passwords safely.
Companies must also implement the authentication of two factors when logging into accounts to help verify that the person accessing the account is a legitimate user, and not a criminal with stolen credentials. Companies can also change to the use of Passkeys, which use safe authentication to log in without the need to remember complex passwords.
