Despite warnings against easy passwords, ‘123456’ is still used over 6.6 million times.
‘Michael’ is the most commonly used name in passwords, while ‘football’ is the most popular sport, each appearing in over 107,000 passwords.
An expert reveals how to create strong passwords and protect your personal data from hackers.
Brand new data released by AI search analytics platform Peec AI reveals the most common words, phrases and values used in passwords – which also happen to be the ones most likely to get you hacked.
Analyzing data from a combination of global data breaches since 2019, the experts have scraped over 100 million different passwords to reveal the most common choices for online password protection.
According to the 2024 Bitwarden World Password Day survey, which gathered insights from 2,400 individuals, 36% of respondents admitted to using personal information in their passwords.
Given that, it’s perhaps no surprise that over 24 billion passwords were exposed by hackers in 2022 alone. More recently, between April 2024 and May 2025, another 19 billion passwords were made available online, accessible to cybercriminals looking to exploit them.
From names, years, seasons, number combinations, and values, to sports, football teams, famous celebrities, and fictional characters, here are the passwords you should really avoid using.
The most used names in passwords
The name ‘Michael’ is one of the most used names for passwords, included in 107,678 passwords. ‘Daniel’ is the second most used name, with a count of 99,399 passwords.
Other names including ‘Ashley’, ‘Jessica’, ‘Charlie’, ‘Jordan’ and ‘Michelle’ are among the most used for password protections.
Name
Number of times used
Michael
107,678
Daniel
99,399
Ashley
91,977
Jessica
86,410
Charlie
82,348
Jordan
74,310
Michelle
71,816
Thomas
70,024
Nicole
69,223
Andrew
66,960
Anthony
65,509
Jennifer
65,278
Joshua
64,335
Andrea
63,640
Maggie
55,967
George
55,949
Amanda
55,629
Hannah
55,320
William
54,917
Samantha
54,745
Robert
54,297
Martin
51,352
Harley
50,386
Brandon
49,986
The most used values in passwords
Often, several websites will ask you to create a password which contains numbers as well. However, 6,621,933 passwords contain the not-so-complicated number combination of ‘123456’.
‘123456789’ is the second most popular number combination, featuring in 2,258,198 passwords, followed by ‘111111,’ used 968,155 times.
‘Password’ has been used 946,935 times, along with ‘qwerty’ 878,496 times and ‘abc123’ 842,399 times.
Value
Number of times used
123456
6,621,933
123456789
2,258,198
111111
968,155
password
946,935
qwerty
878,496
abc123
842,399
12345678
829,914
password1
740,680
1234567
730,840
123123
666,404
The most used years in passwords
When it comes to years, ‘2013’ is the most used year included in passwords, featured in a count of 129,745.
The year of ‘2010’ and ‘1986’ are also amongst the top three most popular years used for password protection. ‘2010’ is used for a total of 79,294 passwords, whilst 1986 is used in 78,709 passwords.
It’s interesting to note that while ‘2013’ and ‘2010’ rank highest, the most commonly used years in passwords tend to cluster around the 1980s – a pattern that suggests many millennials are incorporating their birth years into their passwords.
Year
Number of times used
2013
129,745
2010
79,274
1986
78,709
1987
73,067
1989
61,405
1985
58,627
1988
57,945
1990
56,947
1984
54,333
2020
51,269
1982
50,833
2012
47,283
1983
45,789
1992
44,952
1995
43,558
1980
43,255
The most used football teams in passwords
The top five football teams used are ‘Liverpool’, ‘Chelsea’, ‘Barcelona’, ‘Arsenal’ and ‘Juventus’.
‘Liverpool’ is the most used team, featured in 70,317 passwords, followed by ‘Chelsea’ featuring in 55,834 passwords.
Team
Number of times used
Liverpool
70,317
Chelsea
55,834
Barcelona
46,273
Arsenal
45,321
Juventus
38,169
Amongst sports, ‘football’, ‘baseball’ and ‘soccer’ are the top three most popular sports for passwords, with ‘football’ being used a total 107,169 times.‘Baseball’ is the second most popular, featured 82,574 times.
‘Soccer’ has a count of 79,735 passwords, followed by ‘basketball’ with 62,667, ‘hockey’ with 41,220 and ‘tennis’ with 34,189.
Sport
Number of times used
Football
107,169
Baseball
82,574
Soccer
79,735
Basketball
62,667
Hockey
41,220
Tennis
34,189
The most used famous figures in passwords
‘blink-182’ is the most used famous figure for passwords, with a count of 84,545.
‘50 Cent’ places second, featuring in 55,897 passwords.
Following in third is ‘Eminem’ with 43,344 features, ‘Slipknot’ with 39,630 and ‘Metallica’ as the fifth most popular in 38,608 passwords.
Famous figure
Number of times used
blink-182
84,545
50 Cent
55,897
Eminem
43,344
Slipknot
39,630
Metallica
38,608
Nirvana
35,436
Justin Bieber
34,296
Ronaldo
34,137
Messi
495
The most used fictional characters in passwords
Amongst everyone’s favorite fictional characters, ‘Superman’ is the most featured in passwords, with a total count of 86,937.
‘Batman’ follows in second, featuring in 52,388 passwords. ‘Wall-E’ is the third most popular, with a count of 48,288. Rounding out the top six is ‘Hello Kitty’, ‘SpongeBob’, and ‘Spider-Man’, each with total counts of around 35,000.
Fictional character
Number of times used
Superman
86,937
Batman
52,388
Wall-e
48,288
Hello Kitty
35,381
SpongeBob
35,349
Spider-Man
35,078
The most used seasons in passwords
When it comes to seasons, ‘summer’ is the most popular for passwords, resulting in a count of 57,453. With ‘winter’ being the second favourite, appearing in 22,517 passwords, and ‘spring’ in third place with 11,737, ‘autumn’ is the least popular season, featuring in just 10,340 passwords.
Season
Number of times used
Summer
57,453
Winter
22,517
Spring
11,737
Autumn
10,340
Malte Landwehr, CMO of Peec AI, commented on the findings, “Considering the high volume of passwords leaked every year, along with the rise in scam and phishing reports, using obvious combinations like ‘123456’, which is used a staggering 6.6 million times, puts you and your personal information at high risk.
“Nearly everything we use online, from banking and shopping to social media, requires a password (even if you primarily use Face ID on your phone). As cybercriminals continue to target users, strong password security has never been more important.
“Attackers often use dictionaries and lists of common passwords in their attempts to crack passwords, so it’s important to make yours as difficult as possible to guess. Changing your passwords regularly is a great way of adding an extra layer of security.
“You should aim for a password that is at least 12 characters long, as long passwords are generally more secure, and include a combination of uppercase and lowercase letters, numbers, and special characters, such as ., !, @, #, $, %. Also, try to mix up letters, numbers, and symbols that do not follow predictable patterns, such as ‘12345’ or ‘qwerty’.
“Hackers can easily guess personal information, such as names, birthdays, family members, pets, or hobbies that are publicly available, so it’s best to create passwords that don’t relate to you.
“One final piece of advice is to avoid using the same password for multiple accounts, because if a hacker guesses your password on one platform, they will likely attempt it on all your other active platforms.
“It can be difficult to keep track of long, complex passwords – with special characters, uppercase letters, and more – but password managers can help. They store (and even generate) secure passwords for each of your accounts, making it much easier to manage and remember multiple strong passwords.
“Enabling Multi-Factor Authentication (MFA) is also advised, as it adds an extra layer of protection by requiring a second method of verification, such as a temporary code texted to your phone or a mobile authenticator app (such as Google Authenticator or Authy). With an MFA in place, even if someone has your password, they won’t be able to access your account without that second layer of verification – so make sure you use it especially for your email, bank, and social media accounts.
Methodology:
The study analyses data from a combination of global data breaches since 2019, scraping over 100 million different passwords to reveal the most common choices of password protection for internet users.
Guest Post: If you have one of these passwords, you need to change it ASAP – the most hackable passwords revealed
Posted in Commentary with tags Peec AI on July 28, 2025 by itnerdBrand new data released by AI search analytics platform Peec AI reveals the most common words, phrases and values used in passwords – which also happen to be the ones most likely to get you hacked.
Analyzing data from a combination of global data breaches since 2019, the experts have scraped over 100 million different passwords to reveal the most common choices for online password protection.
According to the 2024 Bitwarden World Password Day survey, which gathered insights from 2,400 individuals, 36% of respondents admitted to using personal information in their passwords.
Given that, it’s perhaps no surprise that over 24 billion passwords were exposed by hackers in 2022 alone. More recently, between April 2024 and May 2025, another 19 billion passwords were made available online, accessible to cybercriminals looking to exploit them.
From names, years, seasons, number combinations, and values, to sports, football teams, famous celebrities, and fictional characters, here are the passwords you should really avoid using.
The most used names in passwords
The name ‘Michael’ is one of the most used names for passwords, included in 107,678 passwords. ‘Daniel’ is the second most used name, with a count of 99,399 passwords.
Other names including ‘Ashley’, ‘Jessica’, ‘Charlie’, ‘Jordan’ and ‘Michelle’ are among the most used for password protections.
The most used values in passwords
Often, several websites will ask you to create a password which contains numbers as well. However, 6,621,933 passwords contain the not-so-complicated number combination of ‘123456’.
‘123456789’ is the second most popular number combination, featuring in 2,258,198 passwords, followed by ‘111111,’ used 968,155 times.
‘Password’ has been used 946,935 times, along with ‘qwerty’ 878,496 times and ‘abc123’ 842,399 times.
The most used years in passwords
When it comes to years, ‘2013’ is the most used year included in passwords, featured in a count of 129,745.
The year of ‘2010’ and ‘1986’ are also amongst the top three most popular years used for password protection. ‘2010’ is used for a total of 79,294 passwords, whilst 1986 is used in 78,709 passwords.
It’s interesting to note that while ‘2013’ and ‘2010’ rank highest, the most commonly used years in passwords tend to cluster around the 1980s – a pattern that suggests many millennials are incorporating their birth years into their passwords.
The most used football teams in passwords
The top five football teams used are ‘Liverpool’, ‘Chelsea’, ‘Barcelona’, ‘Arsenal’ and ‘Juventus’.
‘Liverpool’ is the most used team, featured in 70,317 passwords, followed by ‘Chelsea’ featuring in 55,834 passwords.
Amongst sports, ‘football’, ‘baseball’ and ‘soccer’ are the top three most popular sports for passwords, with ‘football’ being used a total 107,169 times. ‘Baseball’ is the second most popular, featured 82,574 times.
‘Soccer’ has a count of 79,735 passwords, followed by ‘basketball’ with 62,667, ‘hockey’ with 41,220 and ‘tennis’ with 34,189.
The most used famous figures in passwords
‘blink-182’ is the most used famous figure for passwords, with a count of 84,545.
‘50 Cent’ places second, featuring in 55,897 passwords.
Following in third is ‘Eminem’ with 43,344 features, ‘Slipknot’ with 39,630 and ‘Metallica’ as the fifth most popular in 38,608 passwords.
The most used fictional characters in passwords
Amongst everyone’s favorite fictional characters, ‘Superman’ is the most featured in passwords, with a total count of 86,937.
‘Batman’ follows in second, featuring in 52,388 passwords. ‘Wall-E’ is the third most popular, with a count of 48,288. Rounding out the top six is ‘Hello Kitty’, ‘SpongeBob’, and ‘Spider-Man’, each with total counts of around 35,000.
The most used seasons in passwords
When it comes to seasons, ‘summer’ is the most popular for passwords, resulting in a count of 57,453. With ‘winter’ being the second favourite, appearing in 22,517 passwords, and ‘spring’ in third place with 11,737, ‘autumn’ is the least popular season, featuring in just 10,340 passwords.
Malte Landwehr, CMO of Peec AI, commented on the findings, “Considering the high volume of passwords leaked every year, along with the rise in scam and phishing reports, using obvious combinations like ‘123456’, which is used a staggering 6.6 million times, puts you and your personal information at high risk.
“Nearly everything we use online, from banking and shopping to social media, requires a password (even if you primarily use Face ID on your phone). As cybercriminals continue to target users, strong password security has never been more important.
“Attackers often use dictionaries and lists of common passwords in their attempts to crack passwords, so it’s important to make yours as difficult as possible to guess. Changing your passwords regularly is a great way of adding an extra layer of security.
“You should aim for a password that is at least 12 characters long, as long passwords are generally more secure, and include a combination of uppercase and lowercase letters, numbers, and special characters, such as ., !, @, #, $, %. Also, try to mix up letters, numbers, and symbols that do not follow predictable patterns, such as ‘12345’ or ‘qwerty’.
“Hackers can easily guess personal information, such as names, birthdays, family members, pets, or hobbies that are publicly available, so it’s best to create passwords that don’t relate to you.
“One final piece of advice is to avoid using the same password for multiple accounts, because if a hacker guesses your password on one platform, they will likely attempt it on all your other active platforms.
“It can be difficult to keep track of long, complex passwords – with special characters, uppercase letters, and more – but password managers can help. They store (and even generate) secure passwords for each of your accounts, making it much easier to manage and remember multiple strong passwords.
“Enabling Multi-Factor Authentication (MFA) is also advised, as it adds an extra layer of protection by requiring a second method of verification, such as a temporary code texted to your phone or a mobile authenticator app (such as Google Authenticator or Authy). With an MFA in place, even if someone has your password, they won’t be able to access your account without that second layer of verification – so make sure you use it especially for your email, bank, and social media accounts.
Methodology:
The study analyses data from a combination of global data breaches since 2019, scraping over 100 million different passwords to reveal the most common choices of password protection for internet users.
Leave a comment »