Worst Password List Has All The Usual Suspects

The fallout from the Facebook porn scandal of the past few weeks continues, with software company SplashData listing the top 25 most commonly used "bad" passwords. You can probably list the top 10 with your eyes closed.

As expected, "password" tops the list, with "123456" coming in at number two. Other worthless attempts at security include "monkey", "iloveyou" and "abc123".

While it's unlikely that any of Lifehacker's intelligent, tech-savvy (not to mention good-looking) readers would use any of the passwords on the list, it's still a timely reminder to ensure that you're doing the best to make password hacking a touch more difficult for nefarious types online. There are plenty of ways to create secure passwords for your online sites, many of which have been covered right here.

And while it's always an uncomfortable conversation, it's worth talking to your family members and friends - especially the less tech savvy ones - to discreetly discuss the importance of using strong passwords. If you've got any tips on how to have those conversations, feel free to share them below.

25 'worst' web passwords - [The Telegraph]


    I add a few backspaces into my passwords to keep it ultra secure.

      haha +1

    Crap! I better upgrade my password security to 234567 now

    looks like the s3cr3t is out!!

    "...generated by SplashData, an American password management data application"

    Does nobody else find it a little disconcerting that they're running data analysis on their users passwords? If they can get to it, it means your passwords are either stored in plaintext or they keep a copy of your key around to use whenever they like.

    If I was using their service, I'd expect all my data to be encrypted and only unlocked when I provide the correct password. It'd mean that data is gone forever if I forget my password, but i'd consider that well worth it.

      Where does it say they're getting the data from their users? Oh, it doesn't.

    "SplashData created the rankings based on millions of stolen passwords posted online by hackers" Probably the RockYou hack plus a few others.

    While we are at it, it's worth checking http://dazzlepod.com/disclosure to see if your email/password has been compromised.

    Best form of security = steel undies.

    So the combination is... one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!

    - Dark Helmet (Spaceballs)

      Damn you beat me to it John Cox!!

    Remind you of Spaceballs anyone? Password to our planet: 12345. Mel Brooks: "That's Amazing! I got the same combination on my luggage!"

    Ah, I know - "123456 is a really bad password, but a really great passphrase!"

    "correct horse battery staple"


    I admit, I use the 'simple' passwords that's listed for the typical forums, small social sites, music sites, torrent sites - where its easy to password recover as it sends to my email. Where my email accounts and other sensitive stuff online is 20 + characters/numbers/upper lower cases/etc. Some times you really don't need a strong password for everything

    I learnt the importance of a good password when gawker was hacked :P. Terrible 'journalism' and security. Quite the joke.

    think i better start using password2

    People who use these passwords are the same breed of people who build their houses next to active volcano's and then complain when there's lava in their living room.

    It's not quite as bad as the people who set-and-forget their passwords. Then they switch computers or have a fresh install of Windows and have no idea what the password is (some claim they never had a password 0.o)

    Upper/lower-case, numbers and symbols for the win. :D

    I just use a number i know

Join the discussion!

Trending Stories Right Now