From Biometric Update, December 26:
It’s look-back season again. Time to dust off old favourites like the World’s Most Surveilled Cities along with some seasonal newcomers like the Best Law of the Year (my vote goes to robot chicken fights).
Compiling the end-of-year list has become a perennial cross-cultural ritual. Even if they’re factually dubious or arithmetically suspect, the whole point of these mostly pointless tables is that they change. The entertainment is in their revelation. But one ranked list comes out every year – and every year it’s the same list. In fact, it’s scarcely changed for decades. And here it is again. With over 21.5 million appearances, the world’s most used security password for 2025 was (drum roll): “123456”. The runner-up was – once again – “admin”, having reportedly been used by more than 21 million accounts last year.
This is simply staggering, and not just because the passwords are so guessable. Most unbelievable is not the list itself but the fact that it doesn’t change. Every year it’s the same ‘winners’, despite billions of dollars’ investment in the tech and acres of column inches and advice against using weak passwords, or passwords at all.
At the close of a year when the audacious heist at the Louvre was assisted by the security system’s password being ‘Password’, the annual NordPass survey shouldn’t come as a surprise to many.
Subscribers to Biometric Update get to learn of the latest risks to digital security and the leading-edge technology being developed to combat it. We hear daily from cyber-genius thought leaders and biometric tech wizards about how they are designing, developing and deploying countermeasures to hold back the tide of cyber and phishing attacks. With ever more fiendishly inventive scams, hostile state penetration and common vulnerabilities and exposures (CVE) leaving the person in the street aghast, experts harness their intellectual and technological horsepower to protect us year-round.
And yet the 2025 Most Used Password list brings only glad tidings to the most hapless hackers. The NordPass statistics show how the Hollywood image of an evil genius hunched over a screen running fiendish ‘dictionary attacks’ isn’t even close to our biggest threat – and why a teenager with a first-gen laptop still has a better-than-even chance of hitting a digital jackpot. With text-based passwords like “Demo@123” still at the top of the year’s lists globally, from India, the USA, Germany and Australia, would-be cyber criminals don’t need to be John the Ripper sifting salting protocols in order to succeed. And our continued use of one password across multiple devices and accounts makes their life easier still.....
....About the author
Fraser Sampson, former UK Biometrics & Surveillance Camera Commissioner, is Professor of Governance and National Security at CENTRIC (Centre for Excellence in Terrorism, Resilience, Intelligence & Organised Crime Research) and a non-executive director at Facewatch.
....MUCH MORE
I was not aware the UK had a camera commissar.