1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

The top 10 most hacked passwords of 2017

By Cal Jeffrey ยท 4 replies
Dec 19, 2017
Post New Reply
  1. SplashData each year compiles a list of the most commonly used bad passwords scraped from stolen credentials. You would think that year after year, people would learn to improve their password habits. Instead, we find the same overused passwords retaining their popularity.

    The two most used in 2017 were “123456” and “password.” Those terrible choices have maintained the number one and number two positions respectively since SplashData started tracking bad passwords in 2011.

    The number three pick was always “12345678,” but it was dethroned by "12345" in 2015 and then “qwerty” in 2016. However, it has regained its title this year as the third most hacked password.

    Other passwords that seem to show up every year include “login,” “1234567,” “football” and the totally secure “passw0rd” with a zero as the "o."

    There are a few new entries this year, however, showing that people are getting more creative and are at least attempting to make their passwords more secure. For example, people who used to use “12345678” as their password must have read somewhere that that it wasn’t very secure so now they have started using “123456789.”

    Do not use these passwords. They are the most hacked every year.

    Then there are the people who made “loveme” the 23rd most used password in 2016. They have apparently decided they are safer using “iloveyou” instead, as that one debuted at number 10 this year with "loveme" not even making the top 100.

    Star Wars mania has apparently also taken over many people’s lives since “starwars” is a new entry on the list at number 16, “master” is ranked 20th on the list, and "solo" is in at number 60.

    Here are the top 10 worst passwords of 2017 as well as their movement on the list since 2016.

    1. 123456 (unchanged)
    2. password (unchanged)
    3. 12345678 (up 1)
    4. qwerty (up 2)
    5. 12345 (down 2)
    6. 123456789 (new)
    7. letmein (new)
    8. 1234567 (unchanged)
    9. football (down 4)
    10. iloveyou (new)

    If you want to see the full list of the 100 most hacked passwords (some NSFW), SplashData has collected them in a snazzy PDF.

    As always, don’t use any of the passwords on this list. They are pretty much the very first ones that hackers use to try to get into an account. If you value your online security at all, always pick strength over convenience when choosing your password. Better yet, just download an app like PassBox or Password Manager XP. They will create strong passwords and remember them for you.

    Permalink to story.

  2. Adhmuz

    Adhmuz TechSpot Paladin Posts: 1,924   +712

    Humanity, I've almost lost all hope in it...
  3. OortCloud

    OortCloud TS Maniac Posts: 233   +109

    Note to self: 1234 looks good for another year and I can use it for my bank PIN too!
  4. Seraphim401

    Seraphim401 TS Booster Posts: 74   +27

    Number 25 is amusing.
  5. stewi0001

    stewi0001 TS Evangelist Posts: 2,192   +1,617

    It would be interesting to have more data like age, gender, and etc. although that would be extremely difficult to get.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...