While it is no surprise that “123456” and “password” are terrible passwords to have, SplashData’s eighth annual list of Worst Passwords of the Year shows that “donald” is one of the easiest passwords to guess.
SplashData, a provider of password management applications for over 15 years, evaluated over 5 million passwords leaked on the internet and found out that computer users continue using the same predictable, easily guessable passwords.
“Sorry, Mr. President, but this is not fake news – using your name or any common name as a password is a dangerous decision,” said Morgan Slain, CEO of SplashData, Inc.
“Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online because they know so many people are using those easy-to-remember combinations,” he added.
“Our hope by publishing this list each year is to convince people to take steps to protect themselves online,” says Slain.
“It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year.”
Each year, SplashData evaluates millions of leaked passwords to determine which passwords were most used by computer users during that year. Even with the risks well known, many millions of people continue to use weak, easily-guessable passwords to protect their online information. 2018 was the fifth consecutive year that “123456” and “password” retained their top two spots on the list. The next five top passwords on the list are simply numerical strings.
The worst passwords of 2018:
#1 - 123456
#2 - password
#3 - 123456789
#4 - 12345678
#5 - 12345
#6 - 111111
#7 - 1234567
#8 - sunshine
#9 - qwerty
#10 - iloveyou
#11 - princess
#12 - admin
#13 - welcome
#14 - 666666
#15 - abc123
#16 - football
#17 - 123123
#18 - monkey
#19 - 654321
#20 - !@#$%^&*
#21 - charlie
#22 - aa123456
#23 - donald
#24 - password1
#25 - qwerty123