Oh God. I just spent 45 minutes changing all my passwords after reading this research. I'm not even kidding. My "genius" system of using my cat's name plus my birth year? Apparently that's like leaving my front door wide open with a sign saying "Rob me, I'm an idiot."

Security experts are now begging millions of us to overhaul our online security after revealing the passwords that are basically digital suicide notes. And I'm betting $50 that you're using at least one of them right now.

The password hall of shame

A massive investigation by Cybernews researchers dug through an eye-watering 19 BILLION leaked passwords. Let that sink in. Nineteen. Billion. Passwords. That's more than twice the planet's population worth of leaked login credentials floating around out there.

The worst offender? That classic "123456" that lazy people everywhere seem to think is somehow adequate protection for their entire digital lives. It's literally the equivalent of using "unlocked" as your door code.

Other brilliant password choices making hackers' jobs stupidly easy include "123456789," "password," "qwerty," and "111111." My 7-year-old nephew could crack these in his sleep, and he still believes chocolate milk comes from brown cows.

Your name isn't clever (sorry)

Turns out about 8% of us think we're being super original by using names in our passwords. Spoiler alert: we're not.

The name "Ana" showed up in a staggering 179 million leaked passwords. That's... terrifying? And all those pop culture references you think make you unique? "Mario" (9.6 million), "Batman" (3.9 million), "Thor" (6.2 million), "Joker" (3.1 million), and "Elsa" (2.9 million) are about as secure as writing your PIN on your debit card.

I'm embarrassed to admit I had "Skywalker" in one of my passwords until approximately 37 minutes ago. I feel stupid now.

Swearing won't protect you (but it might make you feel better)

There's something darkly hilarious about millions of people thinking curse words make for good security. Like somehow hackers are too polite to try them?

Researchers found "ass" in 165 million passwords. "Fk" appeared in 16 million, while "st" (6.5 million), "dick" (3.2 million), and other colorful terms showed up millions of times. Back in 2018, I actually used a password that was just a string of profanity after getting locked out of my email. Turns out that was about as secure as using "12345".

Wait... you're using the SAME password everywhere?!

According to NordPass, the average person now juggles around 100 passwords across roughly 200 online accounts. Who has time for that?

This is why people reuse passwords. I get it. But Neringa Macijauskaitė, an information security expert at Cybernews, warns this is basically digital dominoes: "If you reuse passwords across multiple platforms, a breach in one system can compromise the security of all your accounts."

My colleague found this out teh hard way when her Instagram got hacked, and then suddenly her Amazon account started ordering $400 worth of gift cards. Not a coincidence.

So... what now?

Listen. We all need to stop being lazy with our digital security. It's 2025, for crying out loud. This isn't optional anymore.

Stop using predictable garbage passwords. Enable two-factor authentication everywhere you can. Seriously. Everywhere.

And for those of us who can't possibly remember 100+ unique passwords (which is... everyone?), get a password manager. I finally caved adn got one after putting it off for years. It's like having a responsible adult following me around the internet, cleaning up my messes.

Or you could keep using "password123" and just wait for someone to drain your bank account. Your call.