The Dumbest Passwords of 2017

December 20, 2017

One of the best defenses against hacking is a unique password, but many aren't heeding the call. Indeed, “123456” and “password” continue to rank as the most-leaked passwords, according to SplashData, a password management firm. “Starwars,” “monkey,” and “iloveyou” are new to the list this year, which is based on millions of stolen logins made public in the past year.

“Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words,” says Morgan Slain, CEO of SplashData. The company advises anyone who recognizes a password on the list below to change it immediately.

  1. 123456 (ranked number one last year)
  2. Password (also unchanged in ranking)
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789 
  7. letmein 
  8. 1234567 
  9. football
  10. iloveyou 
  11. admin 
  12. welcome 
  13. monkey (new to the list)
  14. login 
  15. abc123 
  16. starwars (new to the list)
  17. 123123 (new to the list)
  18. dragon
  19. passw0rd
  20. master 
  21. hello (new to the list)
  22. freedom (new to the list)
  23. whatever (new to the list)
  24. qazwsx (new to the list)
  25. trustno1 (new to the list)

Source: “The 25 Most Popular Passwords of 2017: You Sweet, Misguided Fools,” Gizmodo (Dec. 19, 2017)