Please don’t use 123456 as your password

This year marks the fifth year that SplashData is releasing their “Worst Password List” which highlights just how little we care about our online privacy and security. Or at least some of us. By the way: If your password is on that list, you should really consider changing it – immediately.

The List

So without further ado, here is the list you’ve been waiting for:

  1. 123456 (Unchanged)
  2. password (Unchanged)
  3. 12345678 (+1)
  4. qwerty (+1)
  5. 12345 (-2)
  6. 123456789 (Unchanged)
  7. football (+3)
  8. 1234 (-1)
  9. 1234567 (+2)
  10. baseball (-2)
  11. welcome (New)
  12. 1234567890 (New)
  13. abc123 (+1)
  14. 111111 (+1)
  15. 1qaz2wsx (New)
  16. dragon (-7)
  17. master (+2)
  18. monkey (-6)
  19. letmein (-6)
  20. login (New)
  21. princess (New)
  22. qwertyuiop (New)
  23. solo (New)
  24. passw0rd (New)
  25. starwars (New)

The first thing you might have noticed is that “123456” and “password” are still at the top of the list. This means we can safely assume that the people using those passwords don’t read articles like this one. One can also see the influence of Sports and to some degree pop culture (namely Star Wars), with football, baseball, princess (as in Princess Leia), solo (as in Han Solo), and well, Star Wars, making it to the top 25.

So what to do?

You should definitely make sure you at least consider the following security tips:

  • Use a unique password for each of your accounts. When a website gets hacked one of the first things bad guys do is checking out if your username/email-address/password combination works on other (high-profile) pages.
  • Your password should consist of at least eight characters. It should include upper- and lower-cases, numbers, and special characters.
  • Try and create passwords that can’t be found in a dictionary. Hackers nowadays have programs that cycle through dictionaries to check if they can access your account.
  • Don’t use character strings like 12345, abcde, qweertyui, etc.
  • Use passwords that can’t be associated with you: Your dog’s name, birthday dates of family members or yourself or your favorite sport are a no go.
  • Change your password regularly – especially when it comes to your email and online banking/online payment accounts.
  • Don’t write down your password and do never ever share them.

If you have trouble coming up with a good, strong, and complex enough password, try one of the many password generators out there. Just make sure to remember it afterwards. ?

What are your password tips?

PR & Social Media Manager @ Avira |Gamer. Geek. Tech addict.