The most common passwords used online in Australia

person typing on keyboard

Jessica Taylor Yates

Posted October 26, 2022

As technology becomes more sophisticated, so does the importance for safety online. These are the most common passwords used by Australians, and why you should change yours. 

One in three Australians have had their passwords hacked or compromised in Australia. One in four have fallen victim to phishing scams, fake texts and emails, with a cybercrime report made every eight minutes in the 2022-23 financial year.

Password hacking is not just for people using 1234 or leaving their computers on and unlocked. Hackers, scammers and cyber criminals don't discriminate - while 20 per cent of identity theft victims in Australia over the last year were senior citizens, and 11 per cent of Australians over the age of 15 have experienced some form of personal fraud. 

Now an elite form of cybercrime, password hackers can use your account for anything from identity theft to financial gain, fraud, and collection of sensitive information to malware installation and even selling your identity on the dark web.

To keep your digital activity safe, find out about the most common passwords and threats to online security – and how to avoid being hacked.

The most commonly-used passwords in Australia

A recent study by global security firm Nord Security revealed the most common passwords in over 50 countries. While the top seven were fairly generic as seen in the table below, some in the top 20 may surprise you. 

While the number 1 password, 123456, may provide ease of use to some who believe this is ‘uncrackable,’ the research found the password used by 308,483 people could be cracked in under a second.

Some passwords that may not seem that common, but failed to have a mix of cases, numerals and letters, such as ‘australia,’ ‘qwerty,’ or the quintessentially Australian password ‘holden,’ were all able to be cracked in under two minutes.

The study also found that popular passwords also included first names, car brands, bands, swear words, and animals, with ‘dolphin’ making its most popular comeback since the 1990s.


Most common passwords in Australia

Passwords like 'australia' and 'holden' take just a single second to crack. 

Managing digital threats and security

As of 2022, Australia lags at 43rd in the world for e-security, behind countries including Ukraine and Morocco, and scoring lower on average than the whole of Europe and Oceania.

Passwords can be hacked in a myriad of ways, from clicking on an email that appears to be from a trusted source, to easily guessing a password using online algorithms or malware. 

If access is gained, hackers can gain access to more than just your password - from your name and birth date to phone numbers, addresses, passport details and healthcare information

It is important to stay vigilant and take tips on how to stay safe online, from creating strong passwords to backing up data, avoiding public Wi-Fi and being wary of file sharing and suspicious websites.

Aside from cell phones and computers, as our lives continue to become digitised, so too does the thread of digital hacks and threats to cyber security.

Smart technology, despite the name, unfortunately still has potential to be hacked, from a smart lightbulb to your portable voice assistant. The rules around passwords for your digital devices and smart technology remains the same – stay vigilant, use a strong password, and insure your devices are registered and insured.


man on phone

Be wary of public Wi-Fi, as passwords can be hacked whether you are inside or outside of the home. Image: Supplied. 

How to stay safe online

While cyber crime and data breaches are at an all-time high in Australia, there are some basic rules to follow when creating a password to make it less likely for hackers to be able to crack.

Nord Security has rules for what they call ‘Password hygiene’ to protect your digital presence:

Use a complex password with a mix of letters and numbers

And no, this is not password123.

According to Nord, a ‘complex password’ contains a mix of 12 characters – upper and lowercase letters, numbers and symbols that is not a decipherable word, phrase, or sequence of numerals or letters.

Don’t reuse passwords for multiple accounts

While it is tempting to use the same password for everything from your work to personal accounts, Nord Security says this is “a hacker’s delight.”

If the password is cracked, this then means that every single one of your online accounts is now compromised, so consider different passwords for each one of your digital accounts.

Update passwords regularly

You know that little pop-up you get at work to change your password every 90 days or so? You should be doing the same with your personal accounts in order to keep them secure and hack-free.

Assess your password strength

Unsure if all your passwords are protected? It’s important to regularly perform an internal audit on all your passwords, identifying those that are weak (123456) and may subject you to online hacking, and replacing with new passwords that meet the above criteria.

How to protect your home

One of the paramount reasons it's important to protect your digital identity with a complex password is to protect yourself in the real world.

If a hacker or criminal online is able to obtain your password or information, it can then be used to target anything from your home security system to opening automatic garages, or using your own security cameras to monitor your movements.

According to Neighbourhood Watch, one Victorian home was burgled every 24 minutes in 2021, with electronics, jewellery and cash the main items, as well as these six unusual items.

For better protection of your home contents, you can look to install a home security system, which keeps a lookout on your home through CCTV footage on security cameras, home alarm systems, or even through the DMMS mobile surveillance app.

Just make sure to lock it with a secure password!


Protect yourself at home.
Get a quote with RACV Home Security →

RACV Security Pty Ltd ABN 49 079 148 342 trading as RACV Home Security. Security Licence (Vic.) 733-411-10S and Security Registration (Vic.) 733-411-31S.​