Security Corner

Oct 25 2012   1:54AM GMT

The 25 most popular (and most insecure) passwords of 2012

Ken Harthun Ken Harthun Profile: Ken Harthun

Halloween is only a week away and everyone is breaking out their scariest costumes. No doubt there will be plenty of fright going around on October 31 — all in good fun, of course — but there is some real-life scary stuff out there that would make Beelzebub squirm. I’m talking about the list of the 25 most popular passwords of 2012 published by Yahoo! on their Plugged In blog. It’s true horror at its best, at least for we Net Admins. Imagine the digital carnage that will certainly ensue, heaven forbid on our own networks.

Here’s the full list, along with how the popularity of the phrase has increased or decreased in the past year:

1. password (Unchanged)
2, 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja     (New)
24. mustang (New)
25. password1 (New)

I wonder how long “password” has been a popular password (probably forever). Will people never learn? Cripes! How hard is it to remember to at least pad it with some random characters. 89password(* is so much more secure and not at all difficult to remember. Send anyone you know who is guilty of using such weak passwords to Steve Gibson’s Password Haystacks page so they can learn how to create a personal padding pattern. Then, they can use all the simple (padded) passwords they want.

3  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • valmsmith
    Sending folks to GRC for lessons in online security is a great idea. I have been sending users there for years. I wish more people who go to the site would pay heed to what they hear there, if they did, we would have far less damage control to follow up on, and the web would be much safer, especially for our children and loved ones.
    870 pointsBadges:
    report
  • Ken Harthun
    Steve Gibson's Security Now! podcast has been a favorite of mine since episode 1. Every now and then someone I refer to that site tells me they have changed their online behavior as a result. We just have to be persistent and keep our messages constantly in play.
    1,215 pointsBadges:
    report
  • sanjuraje
    very good explanation of how to make secure password,even though it is simple and common....
    10 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: