2017 Worst Passwords

By:  |  Category: Blog, Security Wednesday, December 27th, 2017  |  No Comments
password

It’s a repeat year for “123456” which remained as the top password among the millions of cleartext passwords exposed online from multiple data breach incidents at various providers.

Let’s talk straight, if “123456” is your password then your security level is at an all time low, but the other gems found on a list of  Top 100 Worst Passwords of 2017 are just as disturbing.

Many of the most easily hackable passwords are sports terms (football, baseball, soccer, hockey, Lakers, jordan23, golfer, Rangers, Yankees), car brands (Mercedes, Corvette, Ferrari, Harley), and common expressions (iloveyou, letmein, whatever, blahblah).

But, the majority of the list was comprised of names, like: Robert (#31), Matthew (#32), Jordan (#33), Daniel (#35), Andrew (#36), Andrea (#38), Joshua (#40), George (#48), Nicole (#53), Hunter (#54), Chelsea (#62), Phoenix (#66), Amanda (#67), Ashley (#69), Jessica (#74), Jennifer (#76), Michelle (#81), William (#86), Maggie (#92), Charlie (#95), and Martin (#96), showing up on the list.

Top 25 List of Worst Passwords

The top 25 list was assembled by SplashData, a company that provides various password management utilities such as TeamsID and Gpass. The company  compiled the list by reviewing over five million user records leaked online in 2017  that contained password information.

“Use of any of the passwords on this list would put users at grave risk for identity theft,” said a SplashData spokesperson in a press release that accompanied a two-page PDF document containing a list of the most encountered passwords.

Why? This is because attackers use these same leaked records to build similar lists of leaked passwords, which they then assemble as “dictionaries” for carrying out account brute-force attacks.

Attackers will try the leaked terms, but they’ll also create common variations on these words using simple algorithms. This means that by adding “1” or any other character combinations at the start or end of basic terms, users aren’t improving the security of their password.”

The best password policy is a good cyber security training session, and avoiding the terms below.

1 – 123456 (rank unchanged since 2016 list)
2 – password (unchanged)
3 – 12345678 (up 1)
4 – qwerty (Up 2)
5 – 12345 (Down 2)
6 – 123456789 (New)
7 – letmein (New)
8 – 1234567 (Unchanged)
9 – football (Down 4)
10 – iloveyou (New)
11 – admin (Up 4)
12 – welcome (Unchanged)
13 – monkey (New)
14 – login (Down 3)
15 – abc123 (Down 1)
16 – starwars (New)
17 – 123123 (New)
18 – dragon (Up 1)
19 – passw0rd (Down 1)
20 – master (Up 1)
21 – hello (New)
22 – freedom (New)
23 – whatever (New)
24 – qazwsx (New)
25 – trustno1 (New)

If your business needs cyber security training give EnhancedTECH a call at 714-970-9330 or contact us t sales@enhancedtech.com for a complimentary consultation.

Samantha Keller

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller
Leave a Comment
Read previous post:
AI Security A Huge Concern

Worried about AI? You aren't alone. A new panel by Webroot shows that 86% of security professionals are concerned that...

Close