We’re drowning in passwords. From email accounts and Facebook to services like mobile banking and video streaming, the average Internet user today has to keep track of a seemingly endless collection of passwords. It can quickly become overwhelming, and far too many users, in an effort to keep things manageable, tend to rely upon passwords that are incredibly easy to remember but just as easy to guess.
With 2018 just around the corner, SplashData is out with a fresh list highlighting some of the most commonly used — and thus least secure — passwords of 2017. Not surprisingly, the list is filled with a good number of the usual suspects, including “123456” and “Password,” two perennial classics.
The full list was tabulated after looking at more than 5 million passwords that surfaced over the past 12 months during various leaks. And while many of the passwords are familiar, there are some new entries worth noting, including “starwars” and “whatever.”
“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use,” SplashData CEO Morgan Slain said in a press release. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”
“Hackers know your tricks, and merely tweaking an easily guessable password does not make it secure,” Slain added. “Our hope is that our Worst Passwords of the Year list will cause people to take steps to protect themselves online.”
The top 10 worst passwords of 2017 are as follows:
- 123456
- password
- 12345678
- qwerty
- 12345
- 123456789
- letmein
- 1234567
- football
- iloveyou
An infographic illustrating the 25 worst passwords of 2017, along with how the placement of each password has changed year over year, can be seen below.
