Passwords are necessary for almost everything these days – bank accounts, health portals, social media and streaming services. Keeping track of password after password can be as hard as creating new, unique ones.

For the seventh year, NordPass, an online password manager, has released a list of the 200 most common passwords across 44 different countries. These passwords are ones that have been widely leaked and should be avoided because they are easier to hack.

According to the study, "123456" was the most-commonly used password, globally, between September 2024 and September 2025. "Admin" came in second and "12345678" came in third.

In comparison to previous years, NordPass analyzed an increase in the use of special characters in common passwords, like punctuation marks. This year, 32 of the 200 passwords on the global list included a special character. Examples include "P@ssw0rd," "Admin@123" and "Abcd@1234."

To create its annual list, NordPass collaborated with threat exposure management platform NordSteller. The two tech companies analyzed passwords exposed in "public data breaches and dark web repositories" between September 2024 and September 2025, according to a NordPass news release. No personal data was acquired or purchased as part of the research.

Here are the top 10 most common passwords in the U.S.

The chart below shows the top 10 most common passwords in the U.S., according to NordPass' study.

  1. admin
  2. password
  3. 123456
  4. 12345678
  5. 123456789
  6. 12345
  7. Password
  8. 12345678910
  9. Gmail.12345
  10. Password1

How to create a strong password

To start a strong password that is hard to hack, NordPass encourages online users to create one that is at least 20 characters, consisting of numbers, letters and special characters, like punctuation marks. Even if a platform only requires say, an eight-character password, users should still create a longer one, NordPass advises.

Additionally, never reuse passwords, NordPass says. Each account should have its own, unique password.

NordPass also recommends the use of multi-factor authentication, as this adds an extra layer of security. For example, in addition to entering a password for an account, a user may need to also enter a code texted or emailed to them with multi-factor authentication.

What's the best way to save passwords?

A password manager is one of the best tools for saving and creating strong passwords, according to the United Kingdom's National Cyber Security Centre. Password managers are often free and allow users to input all of their unique passwords. If a password manager is enabled via browser extension, then the manager may autofill passwords when appropriate.

Password managers like NordPass can also create randomized passwords for users, saving them for later use.

Greta Cross is a national trending reporter at USA TODAY. Story idea? Email her at gcross@usatoday.com.

This article originally appeared on USA TODAY: Is your password secure? See the most common passwords in the US

Reporting by Greta Cross, USA TODAY / USA TODAY

USA TODAY Network via Reuters Connect