19 billion passwords have leaked online: How to protect yourself

It’s time to move on from passwords as they are outdated and pose a significant cybersecurity risk due to human input vulnerabilities. Recent findings reveal that over 19 billion leaked passwords from various breaches between April 2024 and April 2025 were reused or predictable, emphasizing the seriousness of the issue. The reliance on weak passwords remains a persistent problem, with only six percent of the passwords identified as unique.

The data from nearly 200 cybersecurity incidents that became public during this period included massive amounts of leaked data such as combolists, stealer logs, and compromised databases, totaling over 19 billion passwords. The prevalence of easily guessable passwords like “123456,” “Password,” and “admin” underscores the need for stronger security measures.

The habit of using personal names, popular culture references, and common words in passwords further worsens the situation, making it easier for attackers to breach accounts. Automation tools have made it even simpler for cybercriminals to target accounts with known passwords, leading to thousands of compromised profiles daily.

To address this escalating security threat, individuals and organizations must consider utilizing password managers to generate and store complex passwords securely. Implementing two-factor authentication, keeping software updated, and utilizing reliable antivirus software are also crucial steps to enhance cybersecurity and protect personal information from potential breaches.