Prepare to Be Ashamed: The Worst Passwords of 2017

SplashData has released its annual list of worst passwords, and it should be no surprise why so many people continue to get hacked.

When it comes to cybersecurity, the most basic and common form of protection is a password. That being said, you would think people would put a little more thought and effort into something that protects everything from personal emails to bank accounts.

SplashData, a provider of security applications and services, has released its annual list of “Worst Passwords of the Year.” Data from five million leaked passwords from users in North America and Western Europe were compiled to create the list.

While the Galactic Empire is known for its cybersecurity shortcomings, us earthlings are apparently no different. No doubt buoyed by the released of Star Wars: The Last Jedi, the password “starwars” made the list for the first time, coming in at 16. The rest of the top 20 contain very few surprises.

Here are the top 20 worst passwords of 2017:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou
  11. admin
  12. welcome
  13. monkey
  14. login
  15. abc123
  16. starwars
  17. 123123
  18. dragon
  19. passw0rd
  20. master

The top 10 remained mostly the same from last year, with “123456” and “password,” coming in as the most and second most used passwords respectively. “123456789” was a new addition at number eight.

So what does this tell us? Despite repeated warnings, people are still being stubborn about choosing secure passwords. Users should create passwords that contain a mix of upper and lowercase letters, numbers and symbols that can’t be easily guessed.

It would also be wise to use two-step authentication whenever possible. This usually means using a fingerprint or receiving a secure pin via email or text message to confirm your login.

It would also be wise for integrators to make sure internet connected devices aren’t using default admin credentials, which has led to a rise in hacked surveillance cameras. Integrators, along with any user of an IoT device, should also ensure that it is using the latest firmware available.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Tagged with: Cybersecurity News

About the Author


Steven A. Karantzoulidis is the Web Editor for Security Sales & Integration. He graduated from the University of Massachusetts Amherst with a degree in Communication and has a background in Film, A/V and Social Media.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters