When we picture a nefarious hacker infiltrating our accounts we like to imagine a super-skilled computer wizard bashing away at a keyboard in front of an epic collection of monitors. But in reality, when many personal accounts are compromised it is because someone simply guessed an obvious password. In a list of the most commonly used passwords of 2018 it was astoundingly revealed that a huge number of people still use “password” as their password.
For eight years now password management software company SplashData has published an annual list of the most common, or worst, passwords of the year. The list is generated by examining all the big password leaks that filter out onto the internet. This year the list was generated from over five million passwords.
The top few spots remained unchanged from prior years, with the two most popular passwords being “123456” and “password’. Some new entries on the list include “sunshine” (8th spot), “princess” (11th), and “charlie” (21st). Perhaps sensing the tenor of our times “donald” appeared on the list for the first time as the 23rd most popular password.
“It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year,” remarks SpashData’s CEO, Morgan Slain.
It’s estimated that around 10 percent of people use at least one of the top 25 passwords, so it is no surprise that you don’t need to be a genius hacker to get into some accounts. Digging deeper into the top 100 passwords reveals how often people pick out similar keyboard patterns for passwords. “1qaz2wsx”, for example, is the 59th most popular password, while “1q2w3e” sits at 86 on the list.
See below for the top 25 passwords of 2018, and with any luck you won’t see any of your passwords on the list.
Check our the top 100 here.
If your password made the top 100 worst passwords list this year, you’d probably do well to change it. SplashData recommends you:
1. Use passphrases of twelve characters or more with mixed types of characters.
2. Use a different password for each of your logins. That way, if a hacker gets access to one of your passwords, they will not be able to use it to access other sites.
3. Protect your assets and personal identity by using a password manager to organize passwords, generate secure random passwords, and automatically log into websites.