The Most Popular Bad Passwords of 2017


Every year, we are inundated with a series of hacks that remind us of the importance of strong passwords. And yet, at the end of every year, we also see new data that proves a vast majority of people just don’t care about security.

Why do these hacks keep occurring? Bad passwords play a major part. Enterprise password manager SplashData has again released a study detailing the world’s most popular passwords, as revealed by hacked and leaked databases of passwords (in addition to gauging popularity, it also noted whether a particular password was new to the list). In a sad twist, many of these codes are beyond simple.

Yet again, the worst offenders are ‘123456’ and ‘password.’ We’ll chalk those up to lazy IT management and even lazier workers. They smack of starter passwords given to new hires, who sometimes fail to upgrade to something more secure.

If you need a giggle, here are the top ten:

1. 123456
2. password
3. 12345678
4. qwerty
5. 12345
6. 123456789
7. letmein
8. 1234567
9. football
10. iloveyou

SplashData notes 6, 7 and 10 are new to the list. Also new (versus last year) are ‘monkey’ (13th), ‘starwars’ (16th), ‘123123’, (17th), ‘hello’ (1st), ‘freedom’ (22nd), ‘whatever’ (23rd), ‘qazwsx’ (24th), and ‘trustno1’ (25th).

We’re especially fond of ‘trustno1’ for a password. Hello, ‘X-Files’ fans!

SplashData says hackers use “common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.” That’s why a password like ‘starwars’ is so problematic. Indeed, SplashData’s 2014 study found ‘superman’ ranked 21st. The popular ‘Man of Steel’ movie was released in 2013.

What’s possibly more problematic than ignorance is misinformation. Users clearly think ‘starwars’ and ‘superman’ are unique enough to protect their devices and accounts. Many also recycle passwords, and a password so easily cracked could potentially give up far more personal data than anyone would be comfortable with.

Post a Comment

Your email address will not be published.