'123456' and 'Password' Remain Worst Passwords of the Year for Fifth Consecutive Year

SplashData published its annual list of the worst passwords of the year this week, sourced from more than five million passwords leaked on the internet this year. Like previous years, 2018 saw numerous high-profile data leaks, but many people have continued to use easily guessable passwords for their online accounts.

The new password autofill feature in iOS 12

For the fifth consecutive year, "123456" and "password" are the top two most popular passwords online. New entries on the list include "111111", "sunshine", "princess", "666666", "654321", and "donald" at number 23. SplashData CEO Morgan Slain discussed the list: "Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online because they know so many people are using those easy-to-remember combinations."

The top 10 most popular passwords of 2018:

1) 123456
2) password
3) 123456789
4) 12345678
5) 12345
6) 111111
7) 1234567
8) sunshine
9) qwerty
10) iloveyou

Higher up the list, popular passwords include people's names like "daniel", "hannah", and "thomas"; pop culture references like "solo", "tigger", and "lakers"; random items like "cookie" and "banana"; birth years like "1990" and "1991"; and simple phrases like "whatever" and "test". As Slain explained, using super-simple phrases like these for any account online is a bad idea because it's so easy to guess what they are.

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online,” says Slain. “It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year.”

In total, SplashData estimated that almost 10 percent of people have used at least one of the top 25 worst passwords on this year's list, and nearly 3 percent of people have used the worst password at one time, "123456". Most of the five million passwords that were leaked and evaluated for the report came from users in North America and Western Europe.

To help users stay safe, SplashData said that their passwords should be no shorter than twelve characters and have mixed types of characters in each one. Every log-in should have a different password, and investing in a password management app to store everything, generate random new passwords, and automatically log into websites is always a good idea.

Apple itself introduced a new password autofill feature in iOS 12 this year, making it easy to connect to third-party password apps and fill out your passwords throughout iOS. If you haven't tried it out yet, check out our guide on using the feature to find out how it works.

Top Rated Comments

(View all)
Avatar
23 months ago
How are people managing to get away with such simple passwords? I take the XKCD approach to password creation—a sentence comprised of nonsensical but easy to remember words. By the time I get done setting up an account, however, I've had to add a number, a capital letter, and a symbol. They only make my originally strong password harder for me to remember.

Score: 22 Votes (Like | Disagree)
Avatar
23 months ago
Older Coworkers: “I use one password for everything...”

Me: “Nice! 1Password is a great password management app”

OC: “No app, just the same password every time...”

Me: *facepalm*
Score: 13 Votes (Like | Disagree)
Avatar
23 months ago
Free password managers like iCloud Keychain, Bitwarden, etc., make remembering passwords obsolete. There is no excuse to have poor passwords in 2018.
[doublepost=1544799583][/doublepost]

How are people managing to get away with such simple passwords? I take the XKCD approach to password creation—a sentence comprised of nonsensical but easy to remember words. By the time I get done setting up an account, however, I've had to add a number, a capital letter, and a symbol. They only make my originally strong password harder for me to remember.

That was great advice before the advent of cross platform secure password managers, but today I'd say using a password manager to generate a random high entropy password is a better solution, ideally coupled with a second factor for sensitive data like banking or sites with payment methods attached.
Score: 10 Votes (Like | Disagree)
Avatar
23 months ago
Quick, change the combination on my luggage! Yes got in there first
Score: 7 Votes (Like | Disagree)
Avatar
23 months ago
Mandatory video on password security:

Score: 7 Votes (Like | Disagree)
Avatar
23 months ago

Thank god mine didn't make the list.

000000
Score: 3 Votes (Like | Disagree)

Top Stories

'iPhone 12 mini' Name Reappears in Leaked Apple iPhone 12 Case Stickers

Friday September 25, 2020 1:58 am PDT by
Earlier this week a proven leaker claimed that the iPhone 12 lineup would be named "iPhone 12 mini," "iPhone 12," "iPhone 12 Pro," and "iPhone 12 Pro Max," and today the same nomenclature has appeared again in a photo depicting alleged stickers from unreleased Silicone iPhone cases originating from Apple's international distribution center in Ireland. The photo shows three stickers with the...

New Images Leak of iPhone 12 Braided USB-C to Lightning Cable

Thursday September 24, 2020 2:37 am PDT by
Rumors suggest Apple's upcoming iPhone 12 models will ship with a new Lightning to USB-C cable that includes a braided fabric design. Images of the purported cables were leaked in July, and today leaker Mr White has shared new images that give us a closer look at what we might get included in the iPhone 12 box. The photos show a USB-C to Lightning cable with a clearly braided design rather...

New Version of Microsoft Office Coming Next Year That Won't Require a Subscription

Thursday September 24, 2020 1:53 am PDT by
Microsoft will next year offer a new perpetual release of Microsoft Office for Mac and Windows that doesn't require a subscription to use, according to the software giant (via Windows Central). "Microsoft Office will also see a new perpetual release for both Windows and Mac, in the second half of 2021," said Microsoft in a blog post announcing the next version of its Exchange server,...

Apple Releases iOS 14.0.1 With Fix for Bug That Resets Default Apps After Rebooting

Thursday September 24, 2020 10:12 am PDT by
Apple today released iOS 14.0.1, the first update to the iOS 14 operating system that was released on September 16. Today's update is a bug fix update addressing issues that weren't able to be fixed in the initial iOS 14 launch. The iOS 14.0.1 update is available on all eligible devices over-the-air in the Settings app. To access the new software, go to Settings > General > Software Update. ...

Apple's iPhone 12 Event Could Happen on October 13 Based on Rumors From Mobile Operators

Wednesday September 23, 2020 11:51 am PDT by
Apple's upcoming iPhone-centric event could perhaps be held on Tuesday, October 13, according to information shared with MacRumors by an employee at a UK cellular carrier. There's no way for us to confirm the dates at this point in time nor are we sure on the credibility of the source, but even without a rumor, Tuesday, October 13 is a good guess based on Apple's historic launch timelines, ...

Apple Releases macOS Catalina 10.15.7 With Fixes for WiFi Bug, 27-Inch iMac Graphics Issues

Thursday September 24, 2020 10:32 am PDT by
Apple today released macOS Catalina 10.15.7, the latest update to the macOS Catalina software. macOS Catalina 10.15.7 fixes several major bugs that Mac users have been experiencing, and it comes a month after the latest macOS Catalina release. The ‌‌‌macOS Catalina‌‌‌ 10.15.6 Supplemental Update can be downloaded from the Mac App Store using the Update feature in the System...

Apple Designs Custom Face Mask for Corporate and Retail Employees [Updated with Unboxing]

Wednesday September 9, 2020 11:13 am PDT by
Apple's design team has created a new kind of protective mask that's being distributed to retail and corporate employees, reports Bloomberg. The mask is called the Apple Face Mask and it was developed in-house in Cupertino by the Engineering and Industrial Design teams at Apple. Last week, an Apple employee sent MacRumors an image of the mask design, which can be seen up above. The Apple ...

Video Offers Closer Look at Apple Face Mask

Friday September 25, 2020 5:25 am PDT by
YouTube channel Unbox Therapy has today shared a new video giving a closer look at Apple's reusable face masks for corporate and retail employees. Apple's own face mask was designed by the company's Engineering and Industrial Design teams amid the global health crisis for corporate and retail employees, and the boxes include Apple's famous "Designed by Apple in California" text. The...

Top Stories: iOS 14 Feature Tour, 'iPhone 12 mini' Rumors, Apple Watch Band Controversy

Saturday September 26, 2020 6:00 am PDT by
Things started to calm down a bit this week following last week's rush of media event, Apple Watch and iPad launches, and the release of iOS 14 and other operating updates. But that doesn't mean there wasn't still a lot of news, from digging deeper into iOS 14 to more iPhone 12 rumors to the uproar over trying to exchange band sizes on the new Apple Watch. On top of all of that, we heard...

Interest in iOS 14 Home Screen Ideas Helps Pinterest Break Daily Download Record

Wednesday September 23, 2020 4:37 am PDT by
Apple's introduction of widgets on the Home Screen in iOS 14 has driven a surge in interest among users looking to customize their iPhone, and that has reportedly had a knock-on effect for Pinterest, whose iOS app has seen record downloads as users flock to its content seeking design inspiration. As reported by TechCrunch, App Store intelligence firm Apptopia was first to note the impact of ...