Russia Has the Highest Number of Password Leaks
NordPass, a company that develops password management software, together with independent cybersecurity incident experts, conducted a study in 2021 to determine which passwords were most commonly used and published a map of the countries most affected by data leaks.
The researchers created a risk index that divides countries into three risk levels: low, medium, and high. The index was based on the number of password leaks per capita.
Statistics by Country
In Russia, there were about 2.9 billion password leaks in 2021, which amounts to 19.9 leaks per person. The Czech Republic follows with 6.2 leaks per person, then France with 6, Germany with 5.8, and the United States rounds out the top five with 5.2 leaks per capita.
The Most Popular Passwords
NordPass also provided detailed information about the most “popular” passwords. The password 123456 is the most common in the world, used by over 100 million users. 123456789 and 12345 take second and third place, with 46 million and 32 million users, respectively. Other frequently used passwords include 111111, qwerty, and password.
The study also found that local culture influences password choices. For example, people often use the names of local soccer teams, famous drinks (like “guinness” in Ireland), or religious words (“Christ” in Nigeria, “bismillah” in Saudi Arabia) as passwords.
Gender Differences in Password Choices
The research revealed some gender differences in password selection. Women were more likely to use music-related passwords such as “onedirection” or “justinbieber,” while men preferred “Metallica” and “slipknot.” Women also tended to use more positive and affectionate words like “sunshine” or “iloveyou.” In some countries, men also used these types of passwords, but less frequently. Men generally used more sports-related passwords, especially those connected to soccer, and in some countries, men used more profanity in their passwords than women.
Password Security
The researchers also indicated how long it would take to crack each password. For example, passwords like “123456,” “password,” and “qwerty” can be hacked in less than a second.