NordPass exposes password habits of wealthy companies: ‘123456’ still at the top

NordPass has also asserted that passwords are bound to die and will be replaced by passkeys.

Weirdly, “Babygirl1” and “princess1” somehow also made it to the most-used passwords list. (Image: NordPass)

Listen to this article

00:00

1x 1.5x 1.8x

Despite repeated warnings about password security by cybersecurity companies, the use of poor passwords continues to be prevalent for business accounts, particularly among telecom employees. New research by NordPass has revealed that passwords such as “123456,” “password,” and “password1” still make it to the top of the telecom industry’s list.

The research has specifically investigated passwords that employees of the world’s biggest companies from 31 countries use to secure business accounts, and arrived at 20 industry-specific password lists. In the telecommunications sector, the most commonly-used passwords are listed below:

1.123456
2. password
3. password1
4. abc123
5. 123456789
6. unknown
7. 12345
8. myspace1
9. god
10. 123456a

Weirdly, “Babygirl1” and “princess1” somehow also made it to the most-used passwords list in the telecom sector. Other industries are not far behind in their creativity. Consumer goods workers love “dummies”, real estate agents go for “sexy4sho”, and energy employees often use “snowman”.

Story continues below this ad

However, it is “password” and “123456” that continue to be among the most popular across several of the large companies surveyed. This is in line with another NordPass report from 2022 which revealed that “password” is the most common password in India.

The research highlighted that dictionary words, names of people and countries, and simple combinations of numbers, letters, and symbols are the most common inspirations for passwords in the corporate world, resembling the choices of regular internet users.

However, the world’s wealthiest companies see a unique trend. Employees love using passwords that directly reference or hint at the name of a specific company. The research says that this is dangerous – hackers try all password combinations referencing a company because of how common they are.

Also read | PDFs as malware? Research suggests how some benign-looking files could harm your PC

Passwords will inevitably die

Given the lack of change in user behaviour when it comes to picking passwords, big tech has begun to slowly move away from passwords entirely. Passkeys are considered to be a new, safer alternative since they do away with the need for passwords entirely. Instead, passkeys rely on biometric sensors (such as a fingerprint or facial recognition), PIN, or patterns, freeing users from having to remember and manage lengthy passwords.

Story continues below this ad

NordPass CEO Jonas Karklys suggests that passwords will eventually die. “While password trends slightly vary each year across different audiences, the general take is that people continuously fail with their password management, and the world desperately needs to switch to new online authentication solutions such as passkeys,” he said.

Businesses like Google, Microsoft, Apple, and PayPal have already adopted passkey technology, and Karklys says that other online companies will follow suit soon.