We talk to business owners about passwords almost every week. The same patterns come up time and again: simple sequences, obvious words, and the same password used everywhere. These habits are understandable, but they leave the door wide open to attackers. Here is what the data actually looks like and what you can do about it.
The 20 Most Used Passwords in the UK (2025)
Every year, security researchers publish lists of the most commonly used passwords worldwide. While the exact rankings shift, the same names appear again and again. Based on data from the NordPass 2025 Report, the 20 most used passwords in the UK last year were:
UK's Most Common Passwords (2025)
- admin
- 123456
- password
- 12345678
- 123456789
- Password1
- Password
- 12345
- Lennon11
- 1234567890
- Password123
- Fortnite21
- password1
- qwerty123
- qwerty
- 123qwe
- abc123
- Strongman12
- daday123
- Liverpool1
These passwords are popular because they are easy to remember. Unfortunately, they are also easy to guess. Modern hacking tools can test millions of passwords per second, and every one of these can be cracked almost instantly. If your password appears anywhere on this list, or is very similar, change it straight away.
Why Weak Passwords Are Such a Big Risk
Many people assume hackers only go after large corporations. In reality, small and medium-sized businesses are often easier targets because security tends to be less strict. A single weak password can lead to:
- Complete system lockouts through ransomware
- Financial fraud through invoice scams
- Stolen customer data and GDPR breaches
- Compromised Microsoft 365 or cloud accounts
- Email account takeover used for phishing your clients
Once someone gets into one account, they often move sideways through your systems. If staff reuse the same password everywhere, which most people do, one breach can quickly turn into several.
What Actually Makes a Good Password?
Random, Not Predictable
No real words, no patterns, no keyboard walks like qwerty or 123456. If a human can guess it, a computer can crack it in milliseconds.
Long, at Least 12 Characters
Length matters far more than complexity. A 16-character passphrase is far stronger than an 8-character jumble of symbols you can never remember.
Unique to Every Account
Never reuse passwords across systems. If one account is compromised, every other account using the same credentials is instantly at risk.
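The checks above can be enforced when a password is set. The following is an added example, not code from this page or from Graphite IT: it screens a candidate against the 20 listed passwords, near-variants of them, the 12-character minimum and keyboard walks. The names `screen`, `_core` and `has_walk`, the substitution map and the 5-character walk length are assumptions chosen for illustration.

```python
import re

# The 20 passwords listed on this page (NordPass 2025, UK), lower-cased.
COMMON = {p.lower() for p in (
    "admin", "123456", "password", "12345678", "123456789", "Password1",
    "Password", "12345", "Lennon11", "1234567890", "Password123",
    "Fortnite21", "password1", "qwerty123", "qwerty", "123qwe", "abc123",
    "Strongman12", "daday123", "Liverpool1")}

MIN_LENGTH = 12                                   # minimum length given on the page
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
LEET = str.maketrans("@0$3", "aose")              # assumed common substitutions

def _core(pw):
    """Reduce a password to its base word: lower-case, drop leading and
    trailing digits/symbols, then undo simple character substitutions."""
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())
    return stripped.translate(LEET)

# Base words of the listed passwords (all-digit entries reduce to nothing).
COMMON_CORES = {c for c in map(_core, COMMON) if c}

def has_walk(pw, run=5):
    """True if pw contains `run` adjacent keys from one keyboard row,
    typed left-to-right or right-to-left."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False

def screen(pw):
    """Return a list of problem codes; an empty list means no check fired,
    not that the password is proven strong."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("short")
    if pw.lower() in COMMON:
        problems.append("listed")
    elif _core(pw) in COMMON_CORES:
        problems.append("similar")    # e.g. a listed word plus a year and "!"
    if has_walk(pw):
        problems.append("walk")
    return problems

if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("qwerty123", "Liverpool2025!", "P@ssw0rd!"):
        print(candidate, screen(candidate))
```

Run the screen only at the moment a password is chosen; it needs the plaintext, which should never be stored or logged.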
Need a Strong Password Right Now?
We built a free password generator tool that creates strong, random passwords instantly. No sign-up, no data stored, just a secure password ready to copy and use.
Try Our Free Password Generator
Practical Alternatives That Actually Work
The problem with strong passwords is that people struggle to remember them. That is entirely fair. You are not supposed to memorise dozens of random strings. These tools solve the problem properly:
Use a Password Manager
Tools like Bitwarden, 1Password or LastPass generate and store strong, unique passwords for every account. You only need to remember one master password. Everything else is handled securely in an encrypted vault. For businesses, these can be rolled out across the whole team with shared vaults and admin controls.
Enable Multi-Factor Authentication (MFA)
MFA adds a second step: a code on your phone, a fingerprint, or a hardware key. Even if someone steals your password, they still cannot get in without that second factor. This is one of the single most effective things any business can do to reduce risk, and it is free on most platforms, including Microsoft 365.
Use Passphrases Instead
A passphrase like "correct-horse-battery-staple" is far easier to remember than "P@ssw0rd!" and significantly harder to crack. String together four or five random words, throw in a number or two, and you have something both memorable and secure. If you need inspiration, our free password generator can create one for you instantly.
The Business Impact of Poor Password Habits
From an IT support perspective, password issues cause more problems than almost anything else. We regularly see:
- The same login used for email, CRM and remote access
- Passwords written on sticky notes next to monitors
- Old staff accounts still active with default credentials
- Shared passwords across entire teams
These habits might feel convenient, but they massively increase risk. One compromised account can easily lead to downtime, data loss and serious reputational damage. At Graphite IT, one of the first things we review during an IT health check is password policy. Simple changes can dramatically reduce your exposure to cyber threats.
The Bottom Line
Passwords are boring. Nobody wants to think about them. But the reality is that weak credentials remain one of the easiest ways for attackers to walk straight into your business systems. The good news is that fixing the problem is straightforward: use a password manager, turn on MFA, stop reusing passwords, and make sure your team knows why it matters.
At Graphite IT, we help businesses across Yorkshire and the UK put proper password policies in place, along with the tools and training to make them stick. If you are not sure how secure your current setup really is, we are happy to take a look.
Worried About Your Password Security?
We offer a free IT health check for UK businesses. We will review your password policies, MFA setup and overall security posture, then give you honest, practical advice on what to improve.
Book a Free IT Health Check