Education sector under pressure over weak passwords
As classrooms go digital and administrative systems move online, a new study by NordPass, in collaboration with NordStellar, reveals a worrying truth: many educational institutions are still using shockingly weak passwords to protect sensitive data.
The research uncovered commonly used credentials across schools, universities, and training centers – and the findings don’t make the honor roll. Entries like “123456”, “Edifygroup@1”, and “principal@2021” appeared frequently, showing a widespread reliance on predictable or outdated credentials that are easy for hackers to guess.
“Educational institutions handle vast amounts of personal information – from student records to internal communications – but many are still relying on passwords that would fail even the most basic cybersecurity test. The use of default or recycled credentials leaves the entire system vulnerable to attacks,” says Karolis Arbaciauskas, head of business product at NordPass.
The top 20 not-so-secret passwords in education
The analysis revealed that weak password practices weren’t limited to just a few isolated cases. In fact, the same insecure credentials surfaced repeatedly across different educational institutions and regions. These are not just poor choices – they’re digital red flags that put entire networks at risk. Here are the top 20 not-so-secret passwords used in the education sector:
- 123456
- 12345678
- Edifygroup@1
- gov@2021
- B0livarian0
- Aicad.12
- Vanya@217
- P@ssw0rd23@
- 1212121212
- Abc12345
- password
- Macbook@1
- principal@2021
- Lobito_Paneka
- #PiensaSmart
- 123456789
- ric@12345
- UNICLA2020
- kasaki01
- P@ssw0rd
Why education needs to take cybersecurity seriously
Many institutions in the education sector – especially public ones or smaller private schools – face limited budgets and outdated IT systems. However, the cost of a data breach can be far higher, leading to financial loss, reputation damage, and compromised student privacy.
NordPass recommends a few key steps to improve password security:
- Stop using institutional or role-specific words in passwords. Phrases like “principal@2021” are easy targets.
- Educate staff on password hygiene. Cybersecurity awareness training should be part of the onboarding process for educators and administrators alike.
- Use strong, unique passwords and store them in a password manager. This ensures consistency and security across the board.
- Enable multi-factor authentication (MFA). An extra layer of login verification helps protect accounts even if passwords are leaked.
“The education industry plays a vital role in shaping the future. It’s time the sector applies the same diligence to digital security as it does to academic excellence,” Arbaciauskas adds.
ABOUT PRODUCT
NordPass is a password manager for both business and consumer clients. It’s powered by the latest technology for the utmost security. Developed with affordability, simplicity, and ease of use in mind, NordPass allows users to access passwords securely on desktop, mobile, and browsers. All passwords are encrypted on the device, so only the user can access them. NordPass was created by the experts behind NordVPN — the advanced security and privacy app. For more information: nordpass.com.