Worst Passwords for 2017 Include Repeat Offenders ‘123456,’ ‘Password’

Despite repeated warnings from IT security professionals, many people are still using insecure and easily guessed passwords such as "123456" and "password," according to the seventh annual Worst Passwords report from the identity protection company SplashData.

The Los Gatos, Calif.-based company compiles its annual list from the millions of passwords revealed by security breaches and leaks over the course of the year. In addition to repeat offenders such as "123456" and "password," which have appeared at the top of SplashData's list for the past four years, new leading contenders for worst password in 2017 include "starwars" in 16th place.

Online breaches and hacks this year have threatened the usernames and passwords of billions of people. For example, a single file discovered recently on the dark web contained a database of 1.4 billion user credentials in unencrypted cleartext.

'Hackers Know Your Tricks'

By using common passwords, online users are increasing their risks of losing valuable data to hackers, according to SplashData CEO Morgan Slain. Even variations that add extra numbers or replace the letter "o" with the numeral "0" are easy to guess, leaving people who use them vulnerable.

"Hackers know your tricks, and merely tweaking an easily guessable password does not make it secure," Slain said in a statement. "Our hope is that our Worst Passwords of the Year list will cause people to take steps to protect themselves online."

After the returning top two worst passwords, other leading entries on this year's list include "12345678," "qwerty," "12345," "123456789," "letmein," "1234567," "football," and "iloveyou." In addition to "starwars," other new entries for 2017 include "whatever," "trustno1," and "qazwsx." That last password, based on the leftmost keys on a standard keyboard, demonstrates "the importance of avoiding simple patterns," SplashData said.

Use Password Managers, 2FA

A recent study by Microsoft partner EPCGroup found that...

Comments are closed.