Vote 2020 graphic
Everything you need to know about and expect during
the most important election of our lifetimes

The 25 Most Popular Passwords of 2018 Will Make You Feel Like a Security Genius

Illustration for article titled The 25 Most Popular Passwords of 2018 Will Make You Feel Like a Security Genius
Photo: Getty

For the last seven years, SplashData has revealed its annual list of the most commonly used passwords of the year. This time around, the results reveal that, uh, we still have work to do.

Advertisement

The 2018 Worst Passwords of the Year list was determined after SplashData evaluated over 5 million passwords that have leaked online in the last year. The top two slots have been left unchanged for the fifth year in a row. They are, maddeningly, “123456” and “password.” The next five consecutive spots were other assortments of numbers (“123456789” and “111111”, for instance).

Several of the 25 included passwords were repeats from previous years, but there were a handful of new ones. Some were more poignant for the hellish year (“666666” and “!@#$%^&*” and “donald”) compared to inexplicably optimistic-sounding ones (“sunshine” and “princess”).

Advertisement

“Sorry, Mr. President, but this is not fake news – using your name or any common name as a password is a dangerous decision,” Morgan Slain, CEO of SplashData, said in a news release. “Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online because they know so many people are using those easy-to-remember combinations.”

SplashData noted in the news release that its intention behind creating these painfully revealing lists is to prompt readers to adopt better security measures, namely stronger passwords. Obviously a strong password alone isn’t a surefire way to protect yourself online, but it’s definitely a crucial factor, and pretty much the entire list of the most commonly used ones are begging to be hacked.

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online,” Slain said. “It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year.”

If you find that your passwords aren’t so unlike the ones included in this year’s list, wyd??? Change your passwords. Here’s the full, eighth annual list:

1. 123456 (Unchanged)

2. password (Unchanged)

3. 123456789 (Up 3)

4. 12345678 (Down 1)

5. 12345 (Unchanged)

6. 111111 (New)

7. 1234567 (Up 1)

8. sunshine (New)

9. qwerty (Down 5)

10. iloveyou (Unchanged)

11. princess (New)

12. admin (Down 1)

13. welcome (Down 1)

14. 666666 (New)

15. abc123 (Unchanged)

16. football (Down 7)

17. 123123 (Unchanged)

18. monkey (Down 5)

19. 654321 (New)

20. !@#$%^&* (New)

21. charlie (New)

22. aa123456 (New)

23. donald (New)

24. password1 (New)

25. qwerty123 (New)

Advertisement

Share This Story

Get our newsletter

DISCUSSION

20. !@#$%^&* (New)

For a brief second I though “Huh? That actually looks like a pretty good password, all special characters, a good number of them, etc”

Then I looked at my keyboard.....

Edit - I also wish there was some way of measuring the importance of the account associated with these PW’s. Like, if you’re registering for some random forum to ask one question, nothing wrong with having a dead simple junk PW you use for all your throwaway, unimportant accounts (although mine still follows good PW practices).