Top Compromised Passwords of 2022
The passwordless future has not arrived yet. Until then, we are stuck with one of the most challenging features of modern life - password management. Because so many people reuse passwords, criminals harvest as many credentials as possible to sell to other criminals to enable ransomware attacks and data theft.
ZeroFox uses our unique placement and access in the darkest corners of the Underground Economy to collect these compromised passwords on behalf of our customers. From October 1, 2021 through September 30, 2022, ZeroFox collected over 525 million compromised passwords to help our customers reduce the risk of stolen account credentials being used for remote access, to commit fraud, or more. Below are the top 20 compromised plaintext or easily cracked passwords we observed over the past year.
20 top compromised passwords in 2022
| Rank | Password |
| 1 | 123456 |
| 2 | 12345678 |
| 3 | admin |
| 4 | a11111 |
| 5 | 123456789 |
| 6 | password |
| 7 | 1234 |
| 8 | 12345 |
| 9 | secret |
| 10 | 111111 |
| 11 | 123 |
| 12 | 1234567890 |
| 13 | Password |
| 14 | 1 |
| 15 | admin123 |
| 16 | 1234567 |
| 17 | 123123 |
| 18 | user |
| 19 | P@ssw0rd |
| 20 | root |
There aren’t any surprises in the top 20 compromised passwords, But, at least President Skroob and King Roland’s password has dropped to eighth place!
Tips for stronger passwords
Thankfully, ZeroFox does not collect data on only compromised plaintext passwords. Many of the credential dumps we ingest into the ZeroFox platform are hashed. In an increasing number of cases, we collected salted hashes that even we cannot crack. Unfortunately, many of the unsalted hashes we collected are well known and easily crackable.
To keep your passwords safe and protect your data, here are a few tips:
- For system administrators: we encourage you to store user credentials using the strongest possible hashing algorithm and salting those hashes.
- For users: Length and uniqueness are key. Password managers, whether the built in password managers in modern browsers or commercially available options, are the best way to ensure if one credential is compromised your whole digital life isn’t at risk.
- For security teams: it’s wise to have a threat intelligence service continually scouring the Underground Economy for your employees and customer’s compromised credentials.
Learn how ZeroFox can help monitor for passwords and potential breaches
Password compromise is one of the first signs of a potential breach. These breaches can impact your business and personal life and are increasingly bringing businesses under scrutiny. ZeroFox can help detect potential breaches and data leaks by monitoring dark web chatter and providing actionable intelligence. To learn more about how ZeroFox can help, download our new Guide to External Cybersecurity. Get your copy here.