Security16.11.2023

South Africa’s favourite passwords include awesome, Mandela1964, and Sexy1234

NordPass has revealed the top 20 most commonly used passwords in South Africa as part of a study published on Thursday.

It published a list of the 200 most common passwords of the year globally, and shorter country-specific lists for 35 nations.

While many of the most common passwords used in South Africa are also in the top 200, a few were unique to the country.

These included “awesome”, “October@24”, “Mandela1964”, and “Sexy1234”.

The most common password in South Africa was “admin”, which was also the second-most common globally.

“While passwords in every country, including South Africa, vary greatly, there are some clear global trends,” NordPass stated.

Although unsurprising, the study’s conclusions were nonetheless interesting.

“The study concludes that people use the weakest passwords for their streaming accounts. In contrast, the strongest passwords are used for financial accounts.”

NordPass found that instead of improving password creation habits, Internet users have gone in another direction by sticking to already pre-configured passwords.

For example, “admin” is most likely the standard, pre-configured password on devices like Internet routers that people do not bother changing.

NordPass also found that people often go for passwords that reveal an emotion.

While “awesome” is trending in South Africa, “super123” ranks among the most common in China.

“Public events or national holidays apparently also serve as an inspiration for people’s passwords,” NordPass said.

In the United Arab Emirates, an event called Expo 2020 Dubai also left a lasting impression, with “Dubai@2020” ranked among the country’s most common passwords.

NordPass also mistakenly ascribed the popularity of “October@24” in South Africa to our Heritage Day — also called Braai Day.

However, this public holiday is celebrated a month earlier, on 24 September.

Rank Password Time to crack Count
1 admin < 1 Second 18,491
2 123456 < 1 Second 11,831
3 336699 < 1 Second 3,477
4 password < 1 Second 3,462
5 weiter 2 minutes 3,216
6 336699Aa 1 minute 2,475
7 October@24 4 minutes 1,688
8 12345 < 1 Second 1,650
9 Password1 < 1 Second 1,621
10 submit321 1 minute 1,596
11 12345678 < 1 Second 1,495
12 awesome < 1 Second 1,493
13 Password < 1 Second 1,174
14 P@ssw0rd < 1 Second 1,140
15 Passw0rd1 1 second 1,106
16 P@55w0rd < 1 Second 1,034
17 Mandela1964 1 day 989
18 12345678901 1 second 929
19 123456789 < 1 Second 846
20 Sexy1234 4 seconds 835

Globally, the most common password this year was “123456”. In South Africa, it was second-most common.

“Almost a third (31%) of the world’s most beloved passwords this year consist of similar numerical sequences, such as ‘123456789’, ‘123321’, and ‘000000’.”

It also found that as many as 70% of the passwords in this year’s global list could be cracked in under a second.

NordPass noted that the data presented in the study does not represent absolute password usage worldwide.

Researchers analysed a sample of passwords extracted from publicly available sources, including those on the dark web.

They evaluated a 4.3TB database for the list of most common passwords.

NordPass assured that no personal data was acquired or purchased for the study.

They analysed another database to gather data on what passwords people choose for different online services.

“To find out about passwords Internet users employ for different platforms, researchers analysed a 6.6 TB database of passwords, exposed by various stealer malware, which experts consider a huge threat to people’s cybersecurity,” NordPass stated.

“Malware attacks are particularly dangerous because malware logs contain a vast amount of information about the victim.”

NordPass said malware could steal information saved in browsers, such as passwords and other credentials, source website cookies, and autofill data.

It can also steal files from its victim’s computer, as well as system details such as OS version or IP address.

“The scariest part is that victims might not even realise that their computer is infected,” said NordPass chief technology officer Tomas Smalakys.

“Bad actors tend to hide malware in well-crafted phishing emails, imitating a legitimate organisation, such as your bank or your company.”


Now read: Google Maps will dodge South Africa’s crime hotspots

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter