Skip to main content

Worst passwords of 2017 revealed

Published on: 2 Jan 2018

Weak, predictable passwords such as ‘passw0rd’ and ‘letmein’ have become a long-running joke in the realm of cyber security.

But it seems they’re still being used to protect many online accounts after the worst passwords of 2017 were revealed.

Research published by SplashData listed what are considered to be the 100 flimsiest passwords currently in use around the world.

Cyber security experts constantly advise internet users to regularly update the passwords for their most valuable accounts with a unique combination of letters, numbers and symbols in a bid to hinder hackers’ efforts.

However, many of the usual - and useless - suspects like ‘qwerty’ and ‘123456789’ remain in action, with ‘123456’ topping the list for the second year running.

It has become increasingly common for reams of passwords to leak onto the internet and security researchers have used this data to shine a light on the poor choices made by internet users when choosing a password.

Researchers looked at more than five million passwords leaked by hackers during 2017 - although many more surfaced online over the course of the year - and these were deemed to be the worst:

1. 123456

2. password

3. 12345678

4. qwerty

5. 12345

6. 123456789

7. letmein

8. 1234567

9. football

10. iloveyou

11. admin

12. welcome

13. monkey

14. login

15. abc123

16. starwars

17. 123123

18. dragon

19. passw0rd

20. master

21. hello

22. freedom

23. whatever

24. qazwsx

25. trustno1

26. 654321

27. jordan23

28. harley

29. password1

30. 1234