Skip to Content

Worst Passwords of 2017 Include '123456' and 'Password'

by

SplashData today published its annual list of the worst passwords of the year, using data pulled from over five million passwords that were leaked across 2017 by hackers.

Despite many well-publicized major data leaks in 2016 and 2017, many people continue to use weak passwords that are easily guessed. "123456" and "Password," for example, were the two most popular passwords SplashData came across, as they have been for several years running.

worst passwords 2017
Other passwords in the top 10 of the worst passwords list included "12345678," "qwerty," "12345," "123456789," "letmein," "1234567," "football," and "iloveyou." "Monkey," "123123," and "starwars" also made the list this year, as new easily guessable passwords people have adopted. Passwords made up of a single word or consecutive number string are dangerous because they're so easy to guess.

"Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, 'starwars' is a dangerous password to use," said Morgan Slain, CEO of SplashData, Inc. "Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words."

With data breaches from major companies so common, a strong password that consists of multiple random words or multiple numbers, letters, and characters is essential, and it's also important not to use the same password for more than one account.

Safari has built-in password generating features, and passwords can also be stored in the Keychain and accessed on all of your iOS and Mac devices. Password management apps like 1Password, LastPass, or SplashID can also make remembering and managing multiple passwords simple.

SplashData publishes its annual list to encourage people to use stronger passwords. This year, the company's data came primarily from North America and Western Europe, culled from data leaks. Yahoo data and data from adult websites was not included.

In 2017, there were several major data leaks from companies that included Verizon, Saks Fifth Avenue, Deloitte, and Uber, along with a huge Equifax breach that exposed the personal information of millions of people.

Popular Stories

MacBook Neo Feature Pastel 1

First MacBook Neo Benchmarks Are In: Here's How It Compares to the M1 MacBook Air

Thursday March 5, 2026 4:07 pm PST by
Benchmarks for the new MacBook Neo surfaced today, and unsurprisingly, CPU performance is almost identical to the iPhone 16 Pro. The MacBook Neo uses the same 6-core A18 Pro chip that was first introduced in the iPhone 16 Pro, but it has one fewer GPU core. The MacBook Neo earned a single-core score of 3461 and a multi-core score of 8668, along with a Metal score of 31286. Here's how the...
Read Full Article360 comments
imac video apple feature

Apple Unveils Seven New Products

Friday March 6, 2026 11:48 am PST by
Apple this week unveiled seven products, including an iPhone 17e, an iPad Air with the M4 chip, updated MacBook Air and MacBook Pro models, a new Studio Display, a higher-end Studio Display XDR, and an all-new MacBook Neo that starts at just $599. iPhone 17e features the same overall design as the iPhone 16e, but it gains Apple's A19 chip, MagSafe for magnetic wireless charging and magnetic...
Read Full Article
Apple MacBook Pro M4 hero

Apple Planning 'MacBook Ultra' With Touchscreen and Higher Price

Sunday March 8, 2026 8:05 am PDT by
Apple is planning to launch an all-new "MacBook Ultra" model this year, featuring an OLED display, touchscreen, and a higher price point, Bloomberg's Mark Gurman reports. Gurman revealed the information in his latest "Power On" newsletter. While Apple has been widely expected to launch new M6-series MacBook Pro models with OLED displays, touchscreen functionality, and a new, thinner design...
Read Full Article449 comments

Top Rated Comments

I
infinitedreams
107 months ago
Worst username/password combination...

Username: root
Password:
Score: 42 Votes (Like | Disagree)
djeeyore25 Avatar
djeeyore25
107 months ago
"That's amazing! I've got the same combination on my luggage!"
Score: 16 Votes (Like | Disagree)
oneMadRssn Avatar
oneMadRssn
107 months ago
Hey guys, look what I discovered. If you try to post you password on this forum, it automatically replaced it with asterisks.

Look, this is my password: ********

Try it!
Score: 10 Votes (Like | Disagree)
P
potatis
107 months ago
Score: 5 Votes (Like | Disagree)
Christoffee Avatar
Christoffee
107 months ago
These lists comes out every year.

Why don't the websites themselves incorporate this list into the mechanism that accepts your new password?

A lot of sites have, at minimum, a way to tell you if your password isn't long enough. And some also tell you that you need a number or uppercase letter.

Frankly... I'm not sure I'd wanna do business with a website that allows "123456" as a password. :p

Oh I'm still blaming the user overall... but I think the websites could help fix this terrible habit.
While I get what you're saying, rules imposed by websites infuriate me. I have a password system, that allows me to have long, unique passwords for everysite. It incorporates a number, a caps, and a sign. When i set my password and a website tells me that it must have at least two numbers I'm :mad:! The password is unique and 19 characters long! And you're telling me that I should use "monkey69".
Score: 5 Votes (Like | Disagree)
SeminalSage Avatar
SeminalSage
107 months ago
Hey guys, look what I discovered. If you try to post you password on this forum, it automatically replaced it with asterisks.

Look, this is my password: ********

Try it!
My password: ********

Holy cow, you were right!
Score: 5 Votes (Like | Disagree)
Read All Comments