Password Alert: ‘123456’ And ‘Minecraft’ Remain Most Used

For the analysis, researchers from Comparitech collected more than 2 billion leaked account passwords that appeared on data breach forums in 2025.

The Top 10 of ‘laziness’

The top of the list is a sad display of human laziness. A strikingly large number of passwords consist of simple ascending or descending number sequences:

A full quarter of the top 1,000 most commonly used passwords consisted solely of numbers. Furthermore, 38.6% of the top 1,000 contained the number sequence “123.”

Surprising additions

Besides the classic weak combinations, some more specific terms stand out that criminals can guess effortlessly:

• Minecraft : The word “minecraft” is ranked 100th, with nearly 70,000 mentions. With alternative capitalization (“Minecraft”), the term appeared another 20,000 times.
• ‘India@123’ : This less generic, yet still very common, password ranks 53rd and demonstrates that geographical or cultural terms are easily combined with simple number sequences.
• ‘qwerty’ and ‘admin’ : These terms, which comprise 1.6% and 2.7% of the top 1,000 passwords respectively, are still widely used as part of a larger (weak) combination.

Security experts are sounding the alarm

The analysis confirms that users largely ignore the recommendations for strong security. Experts recommend a minimum password length of 12 characters with a mix of uppercase and lowercase letters, numbers, and symbols.

The research shows that:

• 65.8% of the analyzed passwords had less than 12 characters.
• 6.9% of passwords were even shorter than 8 characters.

Modern password cracking programs can crack the most common, short passwords in seconds using brute-force attacks. The researchers emphasize that the strength of a password isn’t the only factor.

Crucially, every account must have a unique password to prevent credential stuffing attacks. Furthermore, two-factor authentication (2FA) should be enabled wherever possible to prevent account takeovers, even if the password is leaked.