The worst 50 passwords of 2019

Despite all the security flaws, data leaks or privacy risks, the vast majority of people still use things like "123456" for their password.

Darlings, it's time to take security a little seriously.

The security company SplashData has published its ninth annual list of the year's worst passwords, assessing over 5 million passwords that have been leaked to find out which ones hackers share most often. This year's list shows that individuals continue to use common, easy-to-guess passwords to protect their data, including those often cited in previous reports as being particularly susceptible to cyber attacks.

While "password" has lost two positions in this year's list compared to last year's, it remains in the top five, along with "123456" and "123456789". There are some new additions to the list, such as "qwertyuiop" and several number sequences such as "7777777", however, the report notes that even the passwords that seem most complicated are used keys located next to each other on the keyboard. It also adds that using such passwords "may seem complex but will not fool hackers who know that millions of people use them.

Here, the worst of the worst:

1 - 123456 (Still the same since the 2018 ranking)

2 - 123456789 (up 1)

3 - qwerty (Up 6)

4 - contraseña (Down 2)

5 - 1234567 (Up 2)

6 - 12345678 (Down 2)

7 - 12345 (Up 2)

8 - iloveyou (Up 2)

9 - 111111 (Down 3)

10 - 123123 (Up 7)

11 - abc123 (Up 4)

12 - qwerty123 (Up 13)

13 - 1q2w3e4r (New)

14 - admin (Down 2)

15 - qwertyuiop (New)

16 - 654321 (Up 3)

17 - 555555 (New)

18 - lovely (New)

19 - 7777777 (New)

20 - welcome (Down 7)

21 - 888888 (New)

22 - princess (Down 11)

23 - dragon (New)

24 - password1 (Igual)

25 - 123qwe (New)

26 - 666666

27 - 1qaz2wsx

28 - 333333

29 - michael

30 - sunshine

31 - liverpool

32 - 777777

33 - 1q2w3e4r5t

34 - donald

35 - freedom

36 - football

37 - charlie

38 - letmein

39 - [email protected]#$%^&*

40 - secret

41 - aa123456

42 - 987654321

43 - zxcvbnm

44 - passw0rd

45 - bailey

46 - nothing

47 - shadow

48 - 121212

49 - biteme

50 - ginger

"Our hope is that after publishing this list every year we will be able to convince people to take steps to protect themselves online, and we believe that these and other efforts will begin to bear fruit," said SplashData CEO Morgan Slain. "We can say that over the years people have begun to use more complex passwords, although they still don't go far enough, as hackers can discover simple alphanumeric patterns"

Data leaks are, unfortunately, inevitable. But using secure, unique passwords for each of your accounts can prevent them from using your leaked credentials to access other accounts. The easiest way to do this is with a password manager, which will randomly generate unique passwords for all of your accounts and store them so that you are not tempted to repeat your passwords. Everyone should also enable two-step authentication whenever possible, preferably using an authentication application (which is built into many password managers).

And please, never use the word "password" as a password again ;-)

Silvia Mazzetta

Web Developer, Blogger, Creative Thinker, Social media enthusiast, Italian expat in Spain, mom of little 7 years old geek, founder of  @manoweb. A strong conceptual and creative thinker who has a keen interest in all things relate to the Internet. A technically savvy web developer, who has multiple  years of website design expertise behind her.  She turns conceptual ideas into highly creative visual digital products.