Every year, the most frequently leaked passwords are released, and 123456 has long been at the top. This year was no exception: of the 25 worst passwords to use, the famous six-number sequence is still the most common.
The list was made by security company SplashData, which collected more than 5 million leaked passwords to identify the most popular. Usually, a popular password means a bad password because it is the first choice of malicious people to try to hack into your account.
Check out the passwords that you should avoid at any cost in any login (and ranking variation):
- 123456 (did not change position)
- Password (not changed)
- 12345678 (up one position)
- qwerty (rose two)
- 12345 (lose two)
- 123456789 (new)
- letmein (new)
- 1234567 (not changed)
- football (lost four)
- iloveyou (new)
- admin (has climbed four)
- welcome (has not changed)
- monkey (new)
- login (lost three)
- abc123 (lost one)
- starwars (new)
- 123123 (new)
- dragon (rose one)
- passw0rd (lost one)
- master (has uploaded one)
- hello (new)
- freedom (new)
- whatever (new)
- qazwsx (new)
- trustno1 (new)
In general, passwords are obvious, and: have no variation of uppercase, lowercase letters, numbers, and special characters; or are very short.
If you want to continue using easy-to-remember references to your passwords, such as starwars, an alternative is to create little phrases like “I love chewbacca!”, Which are incredibly difficult to guess (5-year-old to be precise), but you can remember easily.
In addition, I will recommend a password manager, such as 1Password, and enable two-step verification on the main services you use. So even if a hacker gets the password, he will not be able to log in.
Lastly, under no circumstances repeat the same password in several services and, if a login is leaked, change the password. Stay safe!