When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

People are still using "123456" and "password" to protect their stuff

Neowin · · Hot! with 53 comments

With the increasing threat of hacking, it is always important to try to have a solid password, usually mixing capital letters, numbers and symbols for the best effect. However, some users just don't learn, as a yearly report from SplashData has shown that "123456" and "password" are still the most used phrases to try to deter would-be intruders.

In 2017, more than five million passwords were leaked by hackers. SplashData compiled the passwords into its top 100 and found that there wasn't a lot of thought put into this important task, and it hasn't gotten better over the last two years.

Here are the top 25 passwords and their movement from last year. 'New' signifies that the password was not on last year's list:

  1. 123456 (Unchanged)
  2. Password (Unchanged)
  3. 12345678 (+1)
  4. qwerty (+2)
  5. 12345 (-2)
  6. 123456789 (New)
  7. letmein (New)
  8. 1234567 (Unchanged)
  9. football (-4)
  10. iloveyou (New)
  11. admin (+4)
  12. welcome (Unchanged)
  13. monkey (New)
  14. login (-3)
  15. abc123 (-1)
  16. starwars (New)
  17. 123123 (New)
  18. dragon (+1)
  19. passw0rd (-1)
  20. master (+1)
  21. hello (New)
  22. freedom (New)
  23. whatever (New)
  24. qazwsx (New)
  25. trustno1 (New)

And while Star Wars: The Last Jedi may be a trending topic, It isn't a good password.

“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use,” SplashData CEO Morgan Slain said in a press release. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”

Tech writer Paul Thurrott had some fun with the news:

If you are having trouble coming up with solid passwords, remember that Safari offers built-in password generation, and so do apps such as SplashID, and LastPass.

So, while you think you might be clever with "trustno1" or " letmein," it appears you aren't fooling anyone as a lot of others have had the same idea.

Source: SplashData

Report a problem with article
Next Article

Second developer betas are out for iOS 11.2.5 and watchOS 4.2.2

Previous Article

Here's what's fixed, improved, and still broken in Windows 10 build 17063

Join the conversation!

Login or Sign Up to read and post a comment.

53 Comments - Add comment