The most hacked passwords list 2023


Level 75
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
As more than half (54%) of SMEs in the UK experienced some form of cyber-attack in 2022*, it's more important than ever to minimise potential gaps in your security, especially when choosing account passwords. Cybercrime and smishing attacks are unfortunately becoming more prevalent as more people move online and use cashless payments like our contacless card machine or buy now, pay later schemes.

2023 is the time to improve your password knowledge. We’ve all been taught to use memorable data but many of us use personal data like holidays and pet names as they are easy to remember. However, increased online presence via social media and public profiles has the potential to allow hackers into your life to discover what you might use for your passwords.

So, to help you gain awareness around online password security, we’ve conducted a study revealing the most commonly hacked passwords worldwide.
The study

Last year, we released our most hacked passwords report which we have now updated for 2023 to further investigate the passwords that are most commonly used and the time it takes for them to be hacked.

Analysing aggregated data from Rockyou21, which has compiled passwords from multiple sources and lists over six million breached passwords, we were able to investigate the most commonly used password patterns and the average password length.

The study has sorted the top hacked passwords into 25 categories, from footballers to astrology. By seeing which category had the most breached passwords, we can reveal the password subjects you should avoid as a whole to help stay secure online.
Key findings
  • The most popular password pattern is using all lowercase letters
  • Over 1.5 million passwords were eight characters or less
  • Terms of endearment are the most common password category
  • Over 29% of passwords use 12 characters or less
Read the rest here:


Level 29
Top Poster
Sep 13, 2018
Hmm, these new-fangled cookie notices lists via AdGuard and/or EasyList in latest uBlock O (1.50.0) didn't remove the green cookie notice on the page. Luckily, the element picker took care of it. The rule:
I didn't have the "widgets" lists enabled, though; that might have taken care of it also.

Even though one cannot control what happens on the company's side (MoveIt comes to mind), I get a nice, secure feeling having switched to 1Password's generator. Not to be doom-and-gloom but nowadays, it seems just a matter of time before we get an "incident" with data loss that we simply can't control.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.