'123456' Is Still The Most Common Password In 2017, But The List Now Includes 'starwars'


The worst and most common passwords of 2017 are in, and the reigning champ is still "123456."

Next in line is "password," which isn't really any better. Interestingly, the results show that there are a ton of Star Wars fans out there, as the notable newcomer in the list is, well, "starwars."

Most Common Passwords 2017

Right from the get-go, here's the list of worst passwords that you probably shouldn't use ever:

• 123456

• password

• 12345678

• qwerty

• 12345

• 123456789

• letmein

• 1234567

• football

• iloveyou

• admin

• welcome

• monkey

• login

• abc123

• starwars

• 123123

• dragon

• passw0rd

• master

• hello

• freedom

• whatever

• qazwsx

• trustno1

The info you see here is courtesy of SplashData, the developer of the password-managing apps SplashID, TeamsID, and Gpass. According to the company, it built the list above from the ground up using over 5 million passwords that were leaked in 2017.

It should be noted that it didn't count the passwords from the Yahoo breach and adult websites.

What Went Up, What Went Down, And What Retained Their Spots

The thing with "123456" is that 2016 saw it as the most common password and so did 2015, and that's been going on since 2013, meaning it's the worst password for five years in a row now.

Notably, "password" is still at the number 2 spot, while "1234567" and "welcome" at numbers 8 and 12 respectively.

Aside from "starwars" sitting at number 16, other new entries include "123456789" at number 6, "letmein" at number 7, "iloveyou" at number 10, "monkey" at number 13, "123123" at number 17, "hello" at number 21, "freedom" at number 22, "whatever" at number 23, "qazwsx" at number 24, and "trustno1" at number 25.

Now it's worth mentioning that this isn't the first time "starwars" made the list, as it turned up at the number 25 spot in 2015. Even though it's not high up, SplashData highly recommends against using it and other passwords like it.

"Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words," Morgan Slain, CEO of SplashData, said.

Needless to say, you should start using password managers if you want to stay relatively safer online, but you should know that it's not a foolproof solution.

SplashData also published the top 100 worst passwords of 2017 (PDF) too, for the curious.

With all said and done, what do we make of this? We just never learn.

ⓒ 2018 All rights reserved. Do not reproduce without permission.
Real Time Analytics