These Are the Passwords That Hackers Will Guess First

Avoid these common, easy-to-crack passwords...unless you want to end up as the victim of a hacker.

When it comes to creating a password, many of us focus on devising a combination of letters, numbers, and symbols that we will always be able to remember. According to technology expert Burton Kelso, it is human nature to fall into a predictable routine of creating passwords. “We tend to create passwords based on things familiar to us such as common words, names, and locations,” he explains. “Then we try to make things complicated for a hacker by adding a capital letter, a number, or a special character.” However, unless we come up with unpredictable passwords, we are giving hackers an easy way to break into our accounts.

But, as they say, knowledge is power. To stay safe online on your phone or other devices, you need to know a few secrets that hackers don’t want you to know—including the fact that they’ll first try these common methods and passwords in order to get their hands on your personal information.

RELATED: 20 Cyber Security Secrets Hackers Don’t Want You to Know

They start off with a password list

Kelso explains that there are several websites that offer “popular password” lists. While the intention of most of them is to encourage people to shy away from the most commonly used passwords, they are a great starting point for hackers. Mark Burnett, a security consultant and researcher, recently published 10 million passwords on his website Xato, in order to provide a better understanding of how people formulate passwords. However, it also gives hackers a really good place to start.

Sequential number combinations

The trend of using has number combinations has continued, according to a list of the top 200 most common passwords of 2020 released by NordPass. Many of the top 10 passwords—a whopping seven, in fact—included simple number combinations of 1 through 10 with seven of the top 10 being number combinations.

RELATED: 7 Alarming Things a Hacker Can Do When They Have Your Email Address


NordPass also revealed that “qwerty” is the most popular letter combo for passwords. “Qwerty” and “qwertyuiop” also made the top 20. Other variations including numbers in-between each letter remained on the top of the leaderboard throughout the list of 200. While it might seem random to you, running your fingers along the top line of your keyboard is totally predictable to a hacker.


Whatever you do, avoid using the word “password” in your password. While the word itself is one of the worst you can choose, many other configurations of the word with letters and numbers are also on hackers’ go-to lists.

Common phrases

Try to avoid any common words or phrases. For example, “picture1” and “password” made the top 10, while “iloveyou,” “sunshine,” “princess,” and “dragon” were incredibly popular, as well. Hackers will also try common words with all of the common substitutions, according to Kelso, like January and january or October, october, and 0ct0ber.

Pet and family names

According to Google, never, ever, include your pet’s, child’s, or spouse’s name in your password. If a hacker is privy to any of your personal information, they will definitely check your loved ones’ monikers to try to break your code. One infamous hacker learned this the hard way after authorities broke his code: Chewy123. It was his cat’s name, followed by sequential numbers.

RELATED: 16 Clear Signs You’re About to Be Hacked

Significant dates

Your birthday, anniversary, or the birthday of a loved one can seem like an obvious password choice to you. After all, you will never forget it. But because it makes sense to you, hackers will also be able to figure it out pretty easily if they have access to your personal information, according to Google.

They will try the dark web

Sometimes your old passwords can leak onto the dark web—that part of the Internet not visible to search engines. Skilled hackers will search there, says Kelso, and if they find any, they will try using them. This is one of the reasons it is in your best interest to change your passwords frequently.

RELATED: 17 Everyday Things You Didn’t Know Could Be Hacked

They will create bots

If they have gone through all their resources, hackers have one final tool to break your code: They can create a bot that will try every possible combination. “Keep in mind, modern computers can make password guesses from 10,000 to over a billion guesses per second,” Kelso explains.

So what are the best passwords, anyway?

To break the cycle of creating weak, easy-to-guess passwords, Kelso maintains that the best type of password to keep hackers out of your stuff is a passphrase. “A passphrase is two or more words put together that form a password,” he explains. Some examples of passphrases are “stinkychicken” or “spangledbloatedowl.” You can also opt to have your computer generate random passphrases and store them on your computer—in a secure spot, of course.

RELATED: Smartphone Security: Everything You Need to Know to Keep Your Phone Safe


  • Burton Kelso, technology expert
  • Xato: “Today I Am Releasing Ten Million Passwords”
  • NordPass: “Top 200 most common passwords of the year 2020
  • Techlicious: “The 10 Worst Password Ideas, as Revealed by Google”

Leah Groth
Leah is a Philadelphia-based writer, editor, mother and product junkie. Her obsessions include old houses, home design, fashion, beauty, books and anything that makes her life — which includes working full-time and taking care of two "spirited" children and a Vizsla puppy — a little bit easier. Her work has appeared on a variety of publications and websites, including Glamour, Prevention, Business Insider, Livestrong, Mindbodygreen, Fatherly, Scary Mommy, Wonderwall and Cosmopolitan.