Worst Passwords of 2017 Include '123456' and 'Password'

[DipDog3]

Passwords are so 1990s.
It is really past time for them to die!

 

[Nyguy76]

I doubt there passwords are used much with email, banking, or other sensitive information. They are probably used mostly on sites where people don't care about security.

 

[Christoffee]

These lists comes out every year.

Why don't the websites themselves incorporate this list into the mechanism that accepts your new password?

A lot of sites have, at minimum, a way to tell you if your password isn't long enough. And some also tell you that you need a number or uppercase letter.

Frankly... I'm not sure I'd wanna do business with a website that allows "123456" as a password.

Oh I'm still blaming the user overall... but I think the websites could help fix this terrible habit.

While I get what you're saying, rules imposed by websites infuriate me. I have a password system, that allows me to have long, unique passwords for everysite. It incorporates a number, a caps, and a sign. When i set my password and a website tells me that it must have at least two numbers I'm ! The password is unique and 19 characters long! And you're telling me that I should use "monkey69".

 

[kaneda]

Not cool! Posting my password online for everyone to see.

 

[neuropsychguy]

I doubt there passwords are used much with email, banking, or other sensitive information. They are probably used mostly on sites where people don't care about security.

That's similar to what I was going to comment. I use weak passwords on sites where I have no sensitive data. If they get hacked it's no loss.

 

[macTW]

Letmein?

Sounds German.

Edit: probably is the name of the movie let me in.

 

[RightMACatU]

Sammmmmme story everrrrrrrry year

 

[tillsbury]

My password: ********

Holy cow, you were right!

My password: 123456

Doesn't work for me

 

[recoil80]

Not counting the obvious password everyone use, like the name of the spouse or the dog.
People should be very careful when choosing a password, but many don't take that seriously.

 

[heimo]

"That's amazing! I've got the same combination on my luggage!"

I use nuclear missille launch codes for my luggage, to be absolutely safe and secure.
https://www.huffingtonpost.com/2013/12/05/nuclear-missile-code-00000000-cold-war_n_4386784.html

 

[T909]

Hey guys, look what I discovered. If you try to post you password on this forum, it automatically replaced it with asterisks.

Look, this is my password: ********

Try it!

oneMadRssnIsTheB1gg€$tf@g

Wait…It didn't show it asterisks…why?

 

[one more]

I’ve been a 1Password user for many years. Never going back to the days before I had strong, unique passwords for everything.

The problem is that then you depend on their service for your crucial data. If the service is down/discontinued, you are locked out, literally.

 

[Vanilla35]

letmein, really? Lol

 

[Col4bin]

Feel like this same article is published every year with the same worst passwords listed. You can't fix stupid!

 

[avanpelt]

The problem is that then you depend on their service for your crucial data. If the service is down/discontinued, you are locked out, literally.

Nope. My keychain is synced via Dropbox. I do not use AgileBits's cloud sync service.

 

[CarlJ]

Hey guys, look what I discovered. If you try to post you password on this forum, it automatically replaced it with asterisks.

Look, this is my password: ********

Try it!

I fooled them all - my password actually is 8 asterisks!

 

[SoN1NjA]

Hey guys, look what I discovered. If you try to post you password on this forum, it automatically replaced it with asterisks.

Look, this is my password: ********

Try it!

My password: f*ckoneMadRssn

It kinda works?

 

[Scottsoapbox]

noobs. always 654321.

 

[ActionableMango]

The creators of those passwords should be removed from the gene pool.

I'd argue that the system shouldn't allow weak passwords in the first place. When I see these weak passwords I think it's really a failure of the software developer, the system requirements, or security policy. You should expect the users to be lazy.

You can either have one coder do the right thing (require the software developer to enforce strong passwords), or hope that every single one of your thousands or millions of customers, employees, business partners do. The first scenario is much more realistic to me.

 

[Uinluan]

Worst username/password combination...

Username: root
Password:

Hard to take a company seriously that "Prides themselves" on Privacy and Security then makes a rookie mistake like that.

 

[EdT]

Didn't work for me:

Password: oneMadRssn

Guess I forgot to pay my MacRumors bill

Works fine for me. Of course, my password IS a line of asterisks.

 

[Jerry Fritschle]

I am reminded of many action/spy movies where the MacGuffin is some super-secret information on a character's encrypted drive, and the password turns out to be the name of his cat or something.

 

[Boyd01]

The creators of those passwords should be removed from the gene pool.

Why? I think they're doing a great public service for the rest of us. Why would a hacker waste time trying to crack my more secure password when there's so much easily picked low-hanging fruit?

 

[JM]

Hey guys, look what I discovered. If you try to post you password on this forum, it automatically replaced it with asterisks.

Look, this is my password: ********

Try it!

You're bad. Lol

 

[justperry]

Worst username/password combination...

Username: root
Password:

No, it's not...

Username: admin
Password: admin

...is the worst combination.

I get what you did here and I too think it was a huge blunder, but guessing root and leave the password section blank is harder to guess than the one I pointed out above, that's a standard on millions upon millions of devices.
It's getting better though, most ISP Modems don't have this standard login anymore.