- Companies have still not stopped using passwords easily crackable
- Germany, the United States and China undergo the most password violations
- 123456, the password and Qwerty are still used in 2025
Many companies always use weak passwords that can be cracked in less than a second in the event of a brute force attack to secure their accounts, revealed that new research from one of the best password managers, Nordpass.
Passwords such as “123456,” secret “and even” password “are used by thousands of companies around the world, which leads to easy selection for pirates.
Research also revealed that Germany was leading the world for password violations, with 582,067 incidents, followed closely by the United States with 502,435 and China at 448,375.
The password is “password”
NordPass’s research has used a 2.5 teraoctet database compiled from many data sets accessible to the public, including some of the Dark Web which covered 11 industries.
For the company, the most common password in the database was “123456789” with 378,182 uses, followed by the “123456” much easier to remember with 356,341 uses, and just to replace everything “ 12345678 ” arrives in third place with 145,688 uses.
Small and medium -sized enterprises do not do much better, with “123456” at the top of the list for both with a total of 852,861 in the two corporate sizes. Other classic passwords such as “Qwerty123”, “ABC123” and “Iloveyou” also appear on the list, taking less than a second to crack.
Interestingly, the 28th password the most used in the Nordpass data set was `Timelord12 ”, perhaps suggesting that a computer worker with a love for the work of Peter Capaldi as twelfth doctor as a doctor who was responsible for creating more than 30,447 accounts which were then exposed.
Nordpass also found that many users who did not use the most common passwords would often use their own email address as a password, which makes it easy for an attacker to break his accounts. Names were also a common inclusion in the database, which suggests that employees used their own names as a password.
If you have seen your password somewhere in this article or in the search for Nordpass, it may be time to change it in something more secure, for fear of being responsible for a violation.
In order to better protect business accounts, companies must implement password creation rules that make it more difficult to use simple passwords that can be easily cracked. Nordpass also offers a level of commercial password management to help companies generate and store passwords safely.
Companies must also implement two factors authentication when connecting to accounts to help check that the person who has access to the account is a legitimate user, not a crook with stolen identification information. Companies can also move on to the use of Passkeys, which use secure authentication to connect without needing to remember complex passwords.
