1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Worst passwords of 2018 revealed, '123456' retains top spot

By midian182 · 14 replies
Dec 14, 2018
Post New Reply
  1. Earlier this week, password management company Dashlane put together a list of the “worst password offenders” from this year, in which Kanye West came top for exposing his “000000” iPhone passcode during a meeting with Donald Trump. Now, software company SplashData has released its annual “worst password” list.

    SplashData came up with these atrocities by analyzing over 5 million leaked passwords, most of which originate from North American and Western European users. It says around 10 percent of people have used at least one of the top 25 passwords shown here, while about 3 percent are guilty of using “123456.”

    The top two worst passwords remain the same, but there are some new entries. The satanic-themed “666666” comes in at number 14, the charming if ill-advised “princess” is at 11, and “donald” ranks at number 23.

    "Sorry, Mr. President, but this is not fake news -- using your name or any common name as a password is a dangerous decision," said SplashData CEO Morgan Slain. "Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online, because they know so many people are using those easy-to-remember combinations."

    With so much publicity over massive data hacks, and given the large number of password managers available, Slain says it’s “a real head-scratcher” as to why people continue to use these terrible passwords.

    Here are the top 25 worst passwords from Splashdata’s list:

    1) 123456
    2) password
    3) 123456789
    4) 12345678
    5) 12345
    6) 111111
    7) 1234567
    8) sunshine
    9) qwerty
    10) iloveyou
    11) princess
    12) admin
    13) welcome
    14) 666666
    15) abc123
    16) football
    17) 123123
    18) monkey
    19) 654321
    20) !@#$%^&*
    21) charlie
    22) aa123456
    23) donald
    24) password1
    25) qwerty123

    Permalink to story.

  2. Uncle Al

    Uncle Al TS Evangelist Posts: 5,400   +3,793

    Well thank goodness! At least there is one thing you can count on from year to year!
    Bill Nguyen likes this.
  3. petert

    petert TS Evangelist Posts: 359   +157

    Go Kanye; go Kanye ...
    Bill Nguyen likes this.
  4. Bill Nguyen

    Bill Nguyen TS Rookie

    What's a good way to stay secure? Password managers?
    Is there some kind of add-on fingerprint dealy you can buy for a Windows PC that just let's you use it instead of a password for websites? Seems it'd be secure and convenient.
  5. jobeard

    jobeard TS Ambassador Posts: 12,899   +1,532

    One of the BEST patterns for creating a good password is:
    • a length of 8 or more
    • at lease one Upper case character
    • at lease one lower case character
    • at lease one number
    • and at lease one special character like {#$*+-=}
    Using a prefix and suffix that is meaningful to you with separators of numbers and special chars, your favorite root pwd becomes very secure.
    Bill Nguyen likes this.
  6. petert

    petert TS Evangelist Posts: 359   +157

    I use keepassx and it is a pain in a@@. Whenever I need to access a website, I need to open keepassx and copy the passwords which are randomly generated, and I cannot remember them all. Not to mention that I am synchronizing the password database using dropbox - I need to pay attention and close the program each time otherwise it will lock it down or save it as a new database - a even bigger pain in the a@@ to manually merge afterwards.
    Safety is painful. So, maybe we should all go Kanye ...
    Bill Nguyen likes this.
  7. Chesterfried

    Chesterfried TS Enthusiast Posts: 39   +12

    Charlie beat out Donald?! IT'S RIGGED!
  8. jobeard

    jobeard TS Ambassador Posts: 12,899   +1,532

    IMO, that all argues for a pattern I can remember :grin:
  9. dj2017

    dj2017 TS Maniac Posts: 160   +167

    Damn, someone posted online the full list with my passwords.
    lazer and Bill Nguyen like this.
  10. Lew Zealand

    Lew Zealand TS Guru Posts: 675   +577

    antiproduct likes this.
  11. BigRedPDX

    BigRedPDX TS Rookie

    You could try biometrics, but really all it will do is link your fingerprint to a password. I am pretty sure there are biometric scanners that are USB run.

    Bill Nguyen likes this.
  12. Axiarus

    Axiarus TS Evangelist Posts: 460   +268

    I use Keeper and it autofills...
  13. MustGoFishin

    MustGoFishin TS Rookie

    Totally fake report!
    I have 100's of accounts and none of them will allow 123456 or password as a password.
    Any program that allows these password has nothing to protect, the information is worthless to a thief!
  14. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 11,403   +5,022

    Just think it could have been Hillary.

    People using these passwords are likely still in school or have nothing to loose by using them.
  15. Malakai2k

    Malakai2k TS Rookie Posts: 18

    I can't wait for implants to become a universal thing. A physical device that you don't need to remember to take with you and that you can't lose. It's just a matter of making the hardware to read the implants available in everything.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...