SplashData have released their annual list of the worst possible Internet passwords and the usual suspects are all there, with ‘password’ and ‘123456’ on top.
The rise in websites requiring users to have both letters and numbers in their passwords has had a significant effect on the list as you can see below.
The list, which was compiled using millions of stolen passwords that were then posted online by hackers, is in order of how common they are:
- password
- 123456
- qwerty
- abc123
- monkey
- 1234567
- letmein
- trustno1
- dragon
- baseball
- 111111
- iloveyou
- master
- sunshine
- ashley
- bailey
- passw0rd
- shadow
- 123123
- 654321
- superman
- qazwsx
- michael
- football
‘ReplaceMe’, ‘ChangeMe’ and ‘Hello’ are all noticeable absentees in my opinion. But before you try, they aren’t actually my passwords for anything.
I strongly recommend that if your current password appears on this list you change it now. Something like, ‘ICantBelieveIWasSuchAFool2’ (never forget to add a number) may be more effective 🙂
if people can frequently use “-“,”_”,”+”,”!” in their password mutilple time would help indeed to make password complicated.
be sure no hacker is reading this idea ….
@IQBAL If you really think a hacker gains anything from this you have no idea how we operate 🙂
It’s amazing that people still take password security so Lightly but that said I’ve seen more obvious passwords than many of these. I suspect the most common issue is with broadband routers and managed network appliances that people fail to change default passwords.