South Africans have spoken – and what they’ve said is deeply disappointing for anyone who cares about cybersecurity.
Yes, “admin” is officially the most common password in South Africa in 2025, according to NordPass’s annual Top 200 Most Common Passwords report. It knocks off previous heavyweight champion “123456”, which slips to a still-embarrassing second place.
NordPass, together with NordStellar, has once again sifted through global data breaches and dark-web dumps to produce its seventh annual list – essentially an annual reminder that humans remain allergic to strong passwords.
Here are South Africa’s top 20 offenders:
- admin
- 123456
- password
- Kenzo007
- 12345678
- 12345
- Password1
- P@ssw0rd
- sindy1
- Jassie21
- Scorpion1234
- macebo123
- Password
- saskia
- 123456789
- jagadira
- Dzunisani1
- Fifteen15!
- Password@1
- Knowledge1
If you spotted your own password somewhere on that list, don’t panic — but also, please panic.
Despite years of experts screaming into the void that simple passwords are cracked by hackers faster than you can say “data breach”, South Africans continue to double down on words, predictable numbers and keyboard-walk specials.
In fact, “admin” – the sort of password IT managers wake up screaming about – didn’t just take number 1. It leapt from 20th place last year.
Making matters worse, five separate entries on the list are literally just variations of the word “password”. Not even creative variations. We’re talking “Password”, “Password1”, “Password@1”.
Worldwide, the picture isn’t much better. “123456” retains its title as the most common password globally. A surprising global trend is the rise of special characters: 32 passwords in this year’s global top 200 include them – up from only six last year. But before you celebrate: most are no more secure than South Africans’ beloved “P@ssw0rd”.
One of the more amusing – and depressing – findings of the Nord research: not even young people know how to create proper passwords.
“The password habits of 18-year-olds are similar to those of 80-year-olds,” said NordPass’s Karolis Arbaciauskas, shattering the myth that digital natives inherently understand online safety.
Sensible tips
Across all generations, “12345” and its ilk remain popular. Older generations, however, prefer names – with “Veronica”, “Maria” and “Susana” topping in the older cohorts.
What to do? NordPass offers some sensible tips:
- Create strong, random passwords (not your cat’s name plus “123”);
- Never re-use passwords across apps or websites (yes, never).
- Review them regularly (perhaps annually);
- Use a password manager (because your brain cannot store 120 unique passwords – and shouldn’t); and
- Enable multi-factor authentication.
Why it matters
Around 80% of data breaches come down to weak or reused passwords. And while the world slowly trudges towards passkeys and biometric login systems, the gap between now and then is an open buffet for cybercriminals.
Until passkeys finish saving us from ourselves, strong passwords remain the only thing standing between your personal data and someone named “SkibidiHacker420”. – © 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.
