Security Corner

Oct 25 2012   1:54AM GMT

The 25 most popular (and most insecure) passwords of 2012



Posted by: Ken Harthun
Password, Secure Computing, Security, Security best practice

Halloween is only a week away and everyone is breaking out their scariest costumes. No doubt there will be plenty of fright going around on October 31 — all in good fun, of course — but there is some real-life scary stuff out there that would make Beelzebub squirm. I’m talking about the list of the 25 most popular passwords of 2012 published by Yahoo! on their Plugged In blog. It’s true horror at its best, at least for us Net Admins. Imagine the digital carnage that will certainly ensue, heaven forbid, on our own networks.

Here’s the full list, along with how the popularity of the phrase has increased or decreased in the past year:

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

I wonder how long “password” has been a popular password (probably forever). Will people never learn? Cripes! How hard is it to remember to at least pad it with some random characters? 89password(* is so much more secure and not at all difficult to remember. Send anyone you know who is guilty of using such weak passwords to Steve Gibson’s Password Haystacks page so they can learn how to create a personal padding pattern. Then, they can use all the simple (padded) passwords they want.
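The comparison in the paragraph above, as an added example that is not from the original post or from GRC: a denylist check against the 25 listed passwords, plus an exhaustive-search size estimate for the unpadded and the padded password. The function names and the character-class sizes (26 lower, 26 upper, 10 digits, 33 symbols including space) are assumptions of this sketch, and the estimate models blind brute force only.

```python
import string

# The 25 passwords from the list above, used as a denylist.
TOP25 = {
    "password", "123456", "12345678", "abc123", "qwerty", "monkey",
    "letmein", "dragon", "111111", "baseball", "iloveyou", "trustno1",
    "1234567", "sunshine", "master", "123123", "welcome", "shadow",
    "ashley", "football", "jesus", "michael", "ninja", "mustang",
    "password1",
}

# Assumed class sizes: printable ASCII split into four classes.
CLASS_SIZES = {"lower": 26, "upper": 26, "digit": 10, "symbol": 33}

def char_class(c):
    """Map one character to its class; anything non-alphanumeric is a symbol."""
    if c in string.ascii_lowercase:
        return "lower"
    if c in string.ascii_uppercase:
        return "upper"
    if c in string.digits:
        return "digit"
    return "symbol"

def alphabet_size(pw):
    """Size of the alphabet an exhaustive search must cover for this password."""
    return sum(CLASS_SIZES[k] for k in {char_class(c) for c in pw})

def search_space(pw):
    """Candidates tried when searching every length from 1 up to len(pw)."""
    a = alphabet_size(pw)
    return sum(a ** k for k in range(1, len(pw) + 1))

def assess(pw):
    """Denylist verdict plus brute-force estimate for one candidate password."""
    return {
        "listed": pw.lower() in TOP25,   # case-insensitive match on the list
        "length": len(pw),
        "alphabet": alphabet_size(pw),
        "search_space": search_space(pw),
    }

if __name__ == "__main__":
    for candidate in ("password", "Password1", "89password(*"):
        print(candidate, assess(candidate))
```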

Comment on this Post


valmsmith  |   Oct 26, 2012  12:48 AM (GMT)

Sending folks to GRC for lessons in online security is a great idea. I have been sending users there for years. I wish more people who go to the site would pay heed to what they hear there; if they did, we would have far less damage control to follow up on, and the web would be much safer, especially for our children and loved ones.


 

The Geek  |   Oct 27, 2012  12:02 PM (GMT)

Steve Gibson’s Security Now! podcast has been a favorite of mine since episode 1. Every now and then someone I refer to that site tells me they have changed their online behavior as a result. We just have to be persistent and keep our messages constantly in play.


 

sanjuraje  |   Jan 10, 2013  5:26 AM (GMT)

Very good explanation of how to make a secure password, even though it is simple and common….