MacRumors

macrumors bot
Original poster

SplashData today published its annual list of the worst passwords of the year, using data pulled from over five million passwords that were leaked across 2017 by hackers.

Despite many well-publicized major data leaks in 2016 and 2017, many people continue to use weak passwords that are easily guessed. "123456" and "Password," for example, were the two most popular passwords SplashData came across, as they have been for several years running.

Other passwords in the top 10 of the worst passwords list included "12345678," "qwerty," "12345," "123456789," "letmein," "1234567," "football," and "iloveyou." "Monkey," "123123," and "starwars" also made the list this year, as new easily guessable passwords people have adopted. Passwords made up of a single word or consecutive number string are dangerous because they're so easy to guess.

"Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, 'starwars' is a dangerous password to use," said Morgan Slain, CEO of SplashData, Inc. "Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words."

With data breaches from major companies so common, a strong password that consists of multiple random words or multiple numbers, letters, and characters is essential, and it's also important not to use the same password for more than one account.

Safari has built-in password generating features, and passwords can also be stored in the Keychain and accessed on all of your iOS and Mac devices. Password management apps like 1Password, LastPass, or SplashID can also make remembering and managing multiple passwords simple.

SplashData publishes its annual list to encourage people to use stronger passwords. This year, the company's data came primarily from North America and Western Europe, culled from data leaks. Yahoo data and data from adult websites were not included.

In 2017, there were several major data leaks from companies that included Verizon, Saks Fifth Avenue, Deloitte, and Uber, along with a huge Equifax breach that exposed the personal information of millions of people.

Article Link: Worst Passwords of 2017 Include '123456' and 'Password'
 
It's great to see that people aren't using obvious passwords anymore...

Other passwords in the top 10 of the worst passwords list included "12345678," "qwerty," "12345," "123456789," "letmein," "1234567," "football," and "iloveyou." "Monkey," "123123," and "starwars" also made the list this year

Someone needs to save humanity.
 
Copy article from last year, paste and update '2016' to '2017'. Same passwords year after year. People that don't take security seriously are unlikely to unless something significant happens that causes them to change their behavior.
 
These lists come out every year.

Why don't the websites themselves incorporate this list into the mechanism that accepts your new password?

A lot of sites have, at minimum, a way to tell you if your password isn't long enough. And some also tell you that you need a number or uppercase letter.

Frankly... I'm not sure I'd wanna do business with a website that allows "123456" as a password. :p

Oh I'm still blaming the user overall... but I think the websites could help fix this terrible habit.
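
One way a site could apply the list when accepting a new password, as the post above suggests (an added example, not part of the original thread and not any site's actual code). The blocklist holds only the passwords named in the article; the 8-character minimum and the trailing-suffix rule are assumptions.

```python
import unicodedata

# The passwords named in the article on this page (SplashData's 2017 list).
COMMON = {
    "123456", "password", "12345678", "qwerty", "12345", "123456789",
    "letmein", "1234567", "football", "iloveyou", "monkey", "123123",
    "starwars",
}
MIN_LENGTH = 8  # assumed site policy, not from the page
SUFFIX_CHARS = "0123456789!@#$%^&*._-?"  # assumed set of common padding


def _normalize(password):
    # Fold case and Unicode compatibility forms so "Password" and
    # full-width variants both compare equal to "password".
    return unicodedata.normalize("NFKC", password).casefold()


def _is_digit_run(s):
    # True for consecutive ascending or descending digit strings.
    if len(s) < 2 or not (s.isascii() and s.isdigit()):
        return False
    steps = {int(b) - int(a) for a, b in zip(s, s[1:])}
    return steps in ({1}, {-1})


def _is_repeated_block(s):
    # True when the string is one shorter block repeated ("123123").
    return len(s) > 1 and s in (s + s)[1:-1]


def check_new_password(password):
    """Return None if acceptable, else a short reason for rejecting it."""
    pw = _normalize(password)
    # Strip trailing padding so "starwars1!" is still caught as "starwars".
    base = pw.rstrip(SUFFIX_CHARS)
    if pw in COMMON or (base and base in COMMON):
        return "on the common-password list"
    if len(pw) < MIN_LENGTH:
        return "too short"
    if _is_digit_run(pw):
        return "consecutive digit string"
    if _is_repeated_block(pw):
        return "repeated pattern"
    return None
```

A production deployment would load a much larger breached-password corpus in place of `COMMON`; the checks stay the same.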
 
Yup. 1Password is great! Downside: I can’t remember any of the assigned passwords, so I always need 1Password at hand.

I’ve been a 1Password user for many years. Never going back to the days before I had strong, unique passwords for everything.
 
This chart seems to date back to the early 90s...

...guessing from the look of it. That explains the weak passwords - no (serious) internet.
 