Despite all the security flaws, data leaks or privacy risks, the vast majority of people still use things like "123456" for their password.
Darlings, it's time to take security a little seriously.
The security company SplashData has published its ninth annual list of the year's worst passwords, assessing over 5 million passwords that have been leaked to find out which ones hackers share most often. This year's list shows that individuals continue to use common, easy-to-guess passwords to protect their data, including those often cited in previous reports as being particularly susceptible to cyber attacks.
While "password" has lost two positions in this year's list compared to last year's, it remains in the top five, along with "123456" and "123456789". There are some new additions to the list, such as "qwertyuiop" and several number sequences such as "7777777", however, the report notes that even the passwords that seem most complicated are used keys located next to each other on the keyboard. It also adds that using such passwords "may seem complex but will not fool hackers who know that millions of people use them.
Here, the worst of the worst:
1 - 123456 (Still the same since the 2018 ranking)
2 - 123456789 (up 1)
3 - qwerty (Up 6)
4 - contraseña (Down 2)
5 - 1234567 (Up 2)
6 - 12345678 (Down 2)
7 - 12345 (Up 2)
8 - iloveyou (Up 2)
9 - 111111 (Down 3)
10 - 123123 (Up 7)
11 - abc123 (Up 4)
12 - qwerty123 (Up 13)
13 - 1q2w3e4r (New)
14 - admin (Down 2)
15 - qwertyuiop (New)
16 - 654321 (Up 3)
17 - 555555 (New)
18 - lovely (New)
19 - 7777777 (New)
20 - welcome (Down 7)
21 - 888888 (New)
22 - princess (Down 11)
23 - dragon (New)
24 - password1 (Igual)
25 - 123qwe (New)
26 - 666666
27 - 1qaz2wsx
28 - 333333
29 - michael
30 - sunshine
31 - liverpool
32 - 777777
33 - 1q2w3e4r5t
34 - donald
35 - freedom
36 - football
37 - charlie
38 - letmein
39 - !@#$%^&*
40 - secret
41 - aa123456
42 - 987654321
43 - zxcvbnm
44 - passw0rd
45 - bailey
46 - nothing
47 - shadow
48 - 121212
49 - biteme
50 - ginger
"Our hope is that after publishing this list every year we will be able to convince people to take steps to protect themselves online, and we believe that these and other efforts will begin to bear fruit," said SplashData CEO Morgan Slain. "We can say that over the years people have begun to use more complex passwords, although they still don't go far enough, as hackers can discover simple alphanumeric patterns"
Data leaks are, unfortunately, inevitable. But using secure, unique passwords for each of your accounts can prevent them from using your leaked credentials to access other accounts. The easiest way to do this is with a password manager, which will randomly generate unique passwords for all of your accounts and store them so that you are not tempted to repeat your passwords. Everyone should also enable two-step authentication whenever possible, preferably using an authentication application (which is built into many password managers).
And please, never use the word "password" as a password again ;-)