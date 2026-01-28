The Hasso Plattner Institute for Digital Engineering (HPI) in Germany has analyzed millions of compromised accounts and profiles found on the darknet and identified the most frequently used-and most insecure-passwords of 2025, Azernews reports.

Once again, the simple combination“123456” has taken first place in the global ranking of the most popular passwords. Experts note that despite growing user awareness and ongoing efforts to combat cybercrime, many people continue to rely on basic number sequences or common words.

According to researchers, this behavior is often driven by an unwillingness to remember complex passwords, fear of forgetting them, or a careless attitude toward personal data protection based on the assumption that a cyberattack“won't happen to me.”

The top five most common passwords in 2025 also include 123456789, 565656, and 12345678. Passwords containing simple or familiar words remain widespread as well, with entries such as hallo123, kaffeetasse, passwort, and lol123 appearing in the top ten.

The study also shows that popular passwords vary significantly by country. In the UK, users frequently choose qwerty and liverpool, while in Italy, common choices include names like Giuseppe and Francesco, as well as phrases such as ciaociao and amoremio.

HPI emphasizes that the trend of creating passwords based on recognizable words, names, or dates of birth continues. Even when these passwords appear more complex, they are often reused across multiple services, greatly increasing the risk of large-scale data breaches.

Modern hacking tools can crack simple passwords like“123456” in less than a second, while a well-designed 15-character password with mixed symbols can take years or even centuries to break using brute-force methods.

HPI experts recommend using passwords of at least 15 characters, combining uppercase and lowercase letters, numbers, and special symbols. To manage these securely, they advise using password managers and enabling two-factor authentication whenever possible.