The 25 most popular passwords of 2012

Your password should be a unique string of characters that only you know and should also be a non-dictionary term (random letters as opposed to the name of your pet). Because we put so much information on the Internet, a strong password is all but necessary.

But, for the lazy among us, we know that some folks will forgo common sense and use easy passwords that nearly anyone could guess. SplashData has put together its annual list of the most common passwords and unchanged from last year, the top password is, password.

The full list is posted below and more baffling is that there are systems that accept these common passwords. Best practice should be to force the user to create more secure strings of characters to reduce the chance that their account will be compromised. 

The top 25 most common passwords:

1. password (Unchanged)
2, 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja     (New)
24. mustang (New)
25. password1 (New)

Source: SplashData | Image Credit: Shutterstock  "Password in Internet Browser on Computer Screen"

Report a problem with article
Previous Story

Lync for Windows 8 and RT, app now available

Next Story

Bloomberg: Apple launching online radio in 2013

37 Comments

Commenting is disabled on this article.

I find this list hard to believe for many reasons.
Where is the "<< circumvention code >>" password ? lol
edit: i guess i'm not allowed to post the following password LOL
b.u.g.m.e.n.o.t
Over rated topic.. i use simple passwords and anyone want to hack me have at er'
I've gone as far as giving out my email and ip address to make a point.
If someone advanced wants you bad enough they will probably get you other wise
i guess we should bask in the glory that is our mighty impenetrable uber leet passwords
False sense of security ? No way I'm too cool !
Like the advanced super networking expert that was telling me on IRC how his network WEP password was just too hard to break no matter how much i told him how Aircrack works.
Far too many computer "experts" out there lol

best advice id heard on secure passwords was at a Sophos webinar, they reccomended using the !"£$%^&*() in a password when permitted e.g. Pr)nat!)n (Pr0nat10n with shift for upper number row chars)

we enforce strict time-limited passwords @work at least 18 characters long (including double spacing and numbers) lasting for 28 days then users are forced to change to a new password.
Annoys the hell out of end losers but seeing as we are regulated by the FDA (and have to be 21CFR compliant)/UK pharma guidelines its a must. No single sign ons with us even mail clients require a complex password on top of windows logon/screensaver password adhering to the same restrictions.
Ive lost count of the times ive been on site somewhere to find all the backbone switch gear passwords are left blank..........why would end users know how to find these.......thats not the point!

An ex finance director used to have his payroll password as payroll1.....didnt for much longer when i suggested maybe "help yourself to our cash&bank account numbers!!" would be a bit more secure.

Wouldnt mind so much but im talking about reasearch scientists and top biomedical researchers, seems the higher the IQ the less common security sense is bolted on!

Edited by Mando, Oct 26 2012, 6:29pm :

Doesn't having such long requirements + frequent mandatory changes increase the likelihood that users will end up having to write their passwords down somewhere?

Anybody who is on a secured network within an organisation with passwords like these. deserves to be sacked. the amount of people I've spoken to over the years who have used a lazy *** password I have lost count. people who use easy to remember passwords in my view deserve to be hacked. no offence and I don't mean it personally, but its simple educating the End User to project themselves. I was asked in work to leave open an unsecured VPN Portal which I refused. The MD treated me with my job... I said fine I'll leave open an unsecured VPN Portal... Whilst your at it; give security the night off SSD leave the front doors of the business open. Intelligent but no common sense people

your full of it..
i've used super simple passwords and i couldn't care less either.
are we forgetting something called context ?
You want my bank login ? good luck with that lol
You want my login to some stupid web site i make comments on ?
LOL who f-kin cares i 'll give it to anyone that asks for it they don't even NEED to hack it.. i couldn't care less.
People like you are hillarious. I spent a good chunk of time discussing this with condescending little pricks on the TPB irc channel. they we're insulting me because i told them i had a simple password. i had to keep telling them that i don't CARE period. what part of that don't you get ?

sabrex said,
Given the context, 'trustno1' is pretty funny and ironic as a password in the top 25 list.

Oh man, I actually know 2 different people that use that password.

I just use this one, no one has been able to crack it yet.

**********, if that doesn't work, just use ............
I see it all the time on login sites, more people should use it

.Neo said,
With almost 2 billion Chinese out there I'm having my doubts regarding the accuracy of this list.

密碼

.Neo said,
With almost 2 billion Chinese out there I'm having my doubts regarding the accuracy of this list.

agreed
a story like this means nothing with out showing the math and not just the so called answer

i kinda wanna know how many ashley's are there in the world to make it in the top 25 password list.

and i like how 123456 and 12345678 have stayed unchanged but 1234567 dropped 6.

Arpit said,
i kinda wanna know how many ashley's are there in the world to make it in the top 25 password list.

and i like how 123456 and 12345678 have stayed unchanged but 1234567 dropped 6.

Many passwords require a minimum length of 6 or 8. Not common to see on that is 7.

zikalify said,
WHAT! a post without the word 'windows' in it? :0 Neowin, you shock me!

At least you are not over on the gizmodo side of things. Most of their posts have Apple in them.

zikalify said,
WHAT! a post without the word 'windows' in it? :0 Neowin, you shock me!

ya or a windows poll with the option to NOT like the windows crap.
look at the pole we have now lol

How great is Windows 8 ?
Awesome, Great, Super or somewhat great LOL

i get the impression the free hardware etc would stop flowing if the truth came out

zikalify said,
WHAT! a post without the word 'windows' in it? :0 Neowin, you shock me!
I think you forget that Neowin is a Windows-enthusiast website. Look at the damn name of the website.

but no Passw0rd?

btw, how XKCD said, password with composed words are easy to remember and hard to track. For example,"jesus" and "ninja" are easy passwords but "jesusninja" is anything but a trivial password

Edited by Brony, Oct 26 2012, 1:29pm :

Brony said,
but no Passw0rd?

btw, how XKCD said, password with composed words are easy to remember and hard to track. For example,"jesus" and "ninja" are easy passwords but "jesusninja" is anything but a trivial password

I think the point he was making was that long string passwords, even if made up of dictionary words, take longer to calculate than shorter passwords with combinations of numbers and letters, while being easier to remember

mulligan2k said,

I think the point he was making was that long string passwords, even if made up of dictionary words, take longer to calculate than shorter passwords with combinations of numbers and letters, while being easier to remember

Yes, it takes longer but it also are more easy to remember than cryptic password (such auto generated password), for example "J1uorRSgij" is a PITA to remember.