Report shows many web surfers are still using ‘123456’ as their password
For some reason, many web surfers accessing the internet don’t appear to be listening. Despite warnings by experts and countless reports of hacking, identity theft, online fraud, and more, there are people still using “123456” as a password. That simple sequence of numbers reigns king on the new top 100 worst passwords list of 2017.
According to numbers provided by SplashData, the use of “123456” as the No. 1 bad password hasn’t changed in years. The firm provides its list of the top 100 worst passwords each year, and shows that “123456” officially unseated “password” from the top spot in 2013. Since then, 123456 remains at the top of the list followed by “password” and several other common words and numbers.
California-based SplashData provides security applications and services, including its SplashID Personal Password Manager, and its TeamsID Business Password Manager. The firm releases its annual list to encourage internet surfers to use stronger passwords. The firm’s data supposedly derives from millions of leaked passwords discovered throughout the year.
Here are the top 10 worst passwords used on the internet starting from SplashData’s very first report in 2011:
2011
2012
2013
2014
2015
2016
2017
1
password
password
123456
123456
123456
123456
123456
2
123456
123456
password
password
password
password
password
3
12345678
12345678
12345678
12345
12345678
12345
12345678
4
qwerty
abc123
qwerty
12345678
qwerty
12345678
qwerty
5
abc123
qwerty
abc123
qwerty
12345
football
12345
6
monkey
monkey
123456789
123456789
123456789
qwerty
123456789
7
1234567
letmein
111111
1234
football
1234567890
letmein
8
letmein
dragon
1234567
baseball
1234
1234567
1234567
9
trustnot
111111
Iloveyou
dragon
1234567
princess
football
10
dragon
baseball
adobe123
football
baseball
1234
iloveyou
As the chart shows, “password” and “123456” are locked in a heated battle for the top spot. “12345” and “12345678” fight for third place while “qwerty” and “12345678” battle for the fourth position. One of the troubling factors is that the top 10 consist of similar words and strings of numbers over the last seven years, including “football,” “baseball,” dragon,” and “iloveyou.”
But SplashData’s annual reports don’t mean everyone on the planet is using these passwords. The company is merely pointing out bad password use in hopes that future lists will eventually wither and die. But given that these words and number strings are pulled from millions of leaked passwords each year, you can see why hackers are having a field day breaking into online accounts.
Most major websites now demand passwords consisting of upper and lower-case letters, numbers, and symbols of a specific length (character count). They even offer two-step authentication that requires a mobile device to authorize logins. But as the lists shown above illustrate, the top bad passwords consist of all letters or all numbers.
Moreover, security experts will warn that you shouldn’t use passwords that are directly related to your life, such as using your birthday, favorite movie, child’s name, and so on. Passwords should essentially be phrases that mean absolutely nothing, but can be easily remembered. “Sciss0rzCutzCh1ck0nz” could be a tough nut to crack.
Of course, using a password manager like LastPass or 1Password to handle all your accounts and passwords is an ideal security strategy as well. These services are subscription-based but eliminate the need to manage multiple passwords for multiple accounts.
Editors’ Recommendations
- Google estimates 1.9 billion usernames are available on the black market
- How to reset your Apple ID password and gain control of your account
- Password manager face off – LastPass vs 1Password, who you got?
- Here’s how to password protect a folder on Windows and MacOS
- Popular VPN provider TunnelBear jumps into password management with RememBear
AIVAnet 