List of most common password in 2025 released; check here

Password management across multiple devices can be difficult. To simplify the process, many people use basic passwords for unlocking devices and accessing various accounts. However, this convenience carries a significant risk, as common passwords are easily targeted by hackers.

Comparitech, a UK-based software company, has published a list of the most common passwords of 2025. The firm has released its list of the most common passwords of 2025, a compilation that reveals how many users still rely on predictable strings that can be cracked in seconds. The list, which can be downloaded in full from Comparitech’s website, includes one hundred entries that are among the easiest for attackers to guess or hack. 

List of top 10 common passwords of 2025

Here is a list of the 10 most frequently used passwords across the globe:

1. 123456: This passwords ranks at the first spot as this can be easily cracked and it takes less than a second to guess.

2. 12345678: This vulnerable password can be hacked in less than a second, and surprisingly, over 1,10,000 individuals still use it.

3. 123456789: This password stands at the third lposition in the list.

4. admin: This password is susceptible to hacking in less than a second and has been selected by 55,000 users.

5. 1234: This seemingly secure term is, in fact, quick to crack in less than a second.

6. Aa123456: While offering more complexity, this password still takes a mere 5 minutes to crack.

7. 12345: Surprisingly common, this password is crackable in less than a second and is set by over 40,000 users.

8. password: This is also another very common password usped by people all around the world.

9. 123: Comparitech said that one-quarter of the top 1,000 passwords consisted solely of numbers, while 38.6% contained the string of numbers '123'.

10.1234567890. The company also mentioned that this password is also often used by people all around the world as it is easy to remember.

Google’s ongoing warning about credential theft

Google has repeatedly warned that hackers are actively targeting its user accounts in an attempt to gain access with stolen credentials. The tech giant notes that “phishing and credential theft” now fuels 37% of successful intrusions," a statistic that illustrates how central stolen passwords are to modern cyber attacks.

The company’s security team has observed a surge in phishing campaigns that trick users into revealing their login details, followed by rapid exploitation of those credentials on other platforms where the same password is reused. Google’s warnings are part of a broader effort to encourage users to adopt stronger authentication methods and to move away from reliance on passwords alone.

Microsoft’s bold move toward passwordless authentication

In response to the mounting pressure from infostealers and other data leaks, Microsoft has decided to push account holders to delete passwords completely, such is the current threat from infostealers and other data leaks.

The company is actively encouraging its users to transition to passwordless sign‑in methods, such as biometric authentication and security tokens, in order to reduce the attack surface that passwords provide. Microsoft’s approach aligns with a broader industry shift toward eliminating passwords as the primary method of verifying user identity.