“123456” and “password” are the most commonly used worst passwords of 2017

By
December 20, 2017

“123456” is still the most widely used password followed by “password”

The recent years have witnessed a surge in hackings and data breaches, which has raised concerns regarding security online. Internet users have been time and again advised to use strong passwords containing combination of letters, numbers and symbols for better security of accounts. However, it appears that all these warnings are falling on deaf ears.

According to an annual report from Splashdata, “123456” and “password” came out on the top as people’s choice of phrases to protect their accounts from hackers. Splashdata prepares a list of top 100 passwords based on the millions of aggregating passwords leaked in data breaches during the past year. The report also reveals that people use sports and film titles as their passwords, as they are easy to remember.

Apparently, more than five million passwords were leaked by hackers in 2017. The list below contains top 25 passwords and how they have fared compared to last year. Also, there are some new entries that did not appear in last year’s list. Those are mentioned as ‘New’ in the below mentioned list.



  1. 123456 (Unchanged)
  2. Password (Unchanged)
  3. 12345678 (+1)
  4. qwerty (+2)
  5. 12345 (-2)
  6. 123456789 (New)
  7. letmein (New)
  8. 1234567 (Unchanged)
  9. football (-4)
  10. iloveyou (New)
  11. admin (+4)
  12. welcome (Unchanged)
  13. monkey (New)
  14. login (-3)
  15. abc123 (-1)
  16. starwars (New)
  17. 123123 (New)
  18. dragon (+1)
  19. passw0rd (-1)
  20. master (+1)
  21. hello (New)
  22. freedom (New)
  23. whatever (New)
  24. qazwsx (New)
  25. trustno1 (New)

As we mentioned above, films play a major role in users deciding on their passwords. The list suggests that the recently released Star Wars: The Last Jedi has influenced many people’s choice of passwords such as ‘starwars.’

“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use,” SplashData CEO Morgan Slain said in a press release. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”

Even, tech writer Paul Thurrott made fun of the news:

If you are using any of the password showing in the above list, we suggest you to change your password immediately. You can protect yourself by using a password manager such as 1Password, which can generate secure passwords and store them online. Further, Safari also offers built-in password generation, and so do apps such as SplashID and LastPass. Alternatively, you can also use two-factor authentication, which will send a text with a code or use an app to verify your log-in.

Source: Neowin

By Kavita Iyer

An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human

Leave a Reply

Your email address will not be published. Required fields are marked*