Which are the worst passwords for 2018?

Pierluigi Paganini December 15, 2018

Which are the worst passwords for 2018? SplashData report confirms that  123456 is the most used password for the 5th year in a row

Bad habits are hard to die, 123456 is the most used password for the 5th year in a row followed by “password”.

Even if security experts continue to make awareness campaign, people continue to use bad habits exposing their data to the risk of hack.

SplashData published for the 8th year in a row the worst passwords list, the annual report is based on the analysis of more than 5 million leaked passwords.

Below the 2018 top 10 most used passwords are:

  1. 123456
  2. password 
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567 
  8. sunshine
  9. qwerty
  10. iloveyou

“Bad habits die hard, according to SplashData’s eighth annual list of Worst Passwords of the Year. After evaluating more than 5 million passwords leaked on the Internet, the company found that computer users continue using the same predictable, easily guessable passwords.” reads the
press release published by SplashData.

“Using these passwords will put anyone at substantial risk of being hacked and having their identities stolen.” 

This year, President Trump appeared for the first time in the list of the worst password with “donald” showing up as the 23rd most frequently used password.

Unfortunately, people are still using celebrity names, terms from pop culture and sports, and simple keyboard patterns, a gift for hackers that can use them to compromise their online accounts.

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online,” said Morgan Slain, CEO of SplashData, Inc. “It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year.”

Experts suggest the adoption of string passwords and the usage of a unique password for every service they access. Passwords should contain at least 8 characters, upper and lower case letters, numbers, and symbols (i.e. %$#!.). 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – passwords, hacking)

[adrotate banner="5"]

[adrotate banner="13"]

you might also like

leave a comment