“123456” and “password” top worst passwords list for 4th year in a row

Security / Tech
password

SpashData analyzed over five million leaked passwords for the latest list and most were passwords used by those in North America and Europe.

You would think by now with the number of hacks and data breaches that internet users would wise up and use somewhat difficult passwords to guess. Unfortunately, that is not the case and in SpashData’s seventh annual worst passwords list, “123456” and “password” have retained their one-two ranking. Two other number variations — “12345678” and “12345” round out the top five along with “qwerty,” while “1234567” and “123123” also hit the top 25.

“Hackers know your tricks, and merely tweaking an easily guessable password does not make it secure,” says Morgan Slain, CEO of SplashData, Inc. “Our hope is that our Worst Passwords of the Year list will cause people to take steps to protect themselves online.”

Interestingly enough, “admin” — which is the default password for many routers — is up four spots over last year and “starwars” is a new addition to the list, most likely due to the popularity of the recently released Star Wars: The Last Jedi.

“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use,” said Morgan Slain, CEO of SplashData, Inc. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”

SpashData analyzed over five million leaked passwords for the latest list and most were passwords used by those in North America and Europe. Passwords from adult website hacks and the Yahoo email breach were not included as part of the analysis, but one could reasonably assume the results wouldn’t be much different if they were. SplashData’s top 25 worst passwords for 2017 include:

  1. 123456 (rank unchanged since 2016 list)
  2. password (unchanged)
  3. 12345678 (up 1)
  4. qwerty (Up 2)
  5. 12345 (Down 2)
  6. 123456789 (New)
  7. letmein (New)
  8. 1234567 (Unchanged)
  9. football (Down 4)
  10. iloveyou (New)
  11. admin (Up 4)
  12. welcome (Unchanged)
  13. monkey (New)
  14. login (Down 3)
  15. abc123 (Down 1)
  16. starwars (New)
  17. 123123 (New)
  18. dragon (Up 1)
  19. passw0rd (Down 1)
  20. master (Up 1)
  21. hello (New)
  22. freedom (New)
  23. whatever (New)
  24. qazwsx (New)
  25. trustno1 (New)

So just how do you help secure yourself during your online browsing, logging in, and banking? SpashData has a few tips — and they’re some of the tips we’ve touted here at Techaeris in the past as well:

  1. Use passphrases of twelve characters or more with mixed types of characters including upper and lower cases.
  2. Use a different password for each of your website logins. If a hacker gets your password they will try it to access other sites.
  3. Protect your assets and personal identity by using a password manager to organize passwords, generate secure random passwords, and automatically log into websites.

Do you use the same password for all your internet logging in? Do you use multiple passwords that are more difficult to guess or randomized? Let us know in the comments below or on Google+, Twitter, or Facebook.

  Source: PRWeb
Comments
To Top