- ‘123456’ and ‘password’ still remain the two most commonly used passwords.
- The password ‘donald’ rose to the 23rd spot on the list.
Humans are considered to be creatures of habit. While many habits can prove to be quite beneficial in improving our lives, there is one that can be quite harmful - using extremely common passwords. This is a habit adopted by countless people, despite repeated warnings and disasters.
SplashData, a password management security company, publishes an annual list of the most common passwords found from large password dumps. This year, they assessed over 5 million passwords found from various leaks.
Unsurprisingly, the top two spots in the ranking remain unchanged with “123456” in the first and “password” in the second spot. SplashData estimates that almost 3 percent of people used “123456” as their password and the top 25 most common passwords made up almost 10 percent of all the passwords analyzed.
Just like the top two, there are many other passwords that are quite common. These include ‘123456789’, ‘12345678’, ‘1234567’, ‘12345’, ‘qwerty’, ‘iloveyou’, ‘admin’, ‘welcome’, ‘abc123’, ‘football’, ‘123123’, and ‘monkey’.
There were also some new entries on the list including numeric strings like ‘111111’, ‘666666’, ‘654321’, and others like ‘!@#$%^&’, ‘aa123456’, ‘password1’, ‘qwerty123’. Additionally, there were some names and words which entered the top 25 including ‘sunshine’, ‘princess’, ‘charlie’, and ‘donald’.
The ones which got knocked out of the top 25 this year include ‘letmein’, ‘login’, ‘starwars’, ‘dragon’, ‘passw0rd’, ‘master’, ‘hello’, ‘freedom’, ‘whatever’, ‘qaxwsx’, and ‘trustno1’.
Slow changing behaviors
Morgan Slain, CEO of SplashData, was surprised by how people’s cyber hygiene habits are very slow to change.
“It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year,” Slain said.
Regarding the password ‘donald which bagged the 23rd spot on the list, Slain said, “Sorry, Mr. President, but this is not fake news – using your name or any common name as a password is a dangerous decision. Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online because they know so many people are using those easy-to-remember combinations.”
It goes without saying that if you find your password(s) on this list, it is time to replace them with a strong and unique password for each account. Using a password manager can make it easier to manage different passwords without you having to remember all of them.
Additionally, it is recommended that all users set up two-factor authentication wherever available and especially in case of sensitive sites like banking and healthcare sites.
The top 25
The complete list of the 25 most common passwords SplashData found this year follows below: