You might have thought that it would be hard to come up with a worse password than ‘password,’ but according to a chart compiled by SplashData from hacked accounts, it has been edged out by ‘123456’.

The far more secure ‘12345678’ (33 percent more secure!) retains its position as number three, while a new entry in sixth place goes as far as ‘123456789’. Sadly, ‘letmein’, a password I always felt deserving of classic status, dropped seven places to achieve a mediocre ranking of 14.

Apple introduced iCloud Keychain as part of Mavericks and iOS 7.0.3, and if you’re not already using it, you can read our how-to guide. If you’re using older versions of OS X or iOS, we also ran a how-to guide on using a password manager to have unique, secure passwords for each website.

Via re/code

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

16 Responses to “The worst password of all is no longer ‘password’ according to hacked accounts chart”

  1. agsmith87 says:

    Sunshine is 12 & 19?

  2. so how come sunshine has two positions ( 12 & 19 ) in this list?

  3. mockery17 says:

    My favorite has always been ‘drowssap’. No, it’s not a password I use. I use 1Password to save my passwords.

  4. sardonick says:

    Damn. Now I have to change my credit card passwords, my luggage combo, my safe, and my banking password. No worries, I’ll use Password123456 instead.

  5. sardonick says:

    I had forgotten about trustno1. Man that brings back memories. Still amazed at how many people do not take passwords seriously, especially considering what the typical uses.

    • Ben Lovejoy says:

      I can understand people not caring about some random website that forces them to register, but given some of the sites that have been hacked, you have to wonder if some of these people do the same with their embanking logon …

      • sardonick says:

        Sadly I can say from experience some do. I run smack into a wall and beat my head against it when someone repeatedly cusses out the mandatory password requirements of a site by using attempting multiple “bare minimum” passwords, and only choosing a “good” one when they’re forced to by the site. Alas, were it not for them, we would not have jobs.

      • Ben Lovejoy says:

        There is that :-)

      • Henry Bowman says:

        sardonick: Frankly, the worst offender is the Apple ID / App Store / iTunes Store password. You can’t store it in Safari, you can’t supply it from 1Password, and Apple forces you to change it once a quarter. I guess that’s someone’s idea of “great security,” but it is actually WORSE practice, because it forces you to either come up with an endless series of BS passwords you can easily remember, or to write it down on paper somewhere. Incredibly annoying.

      • Ben Lovejoy says:

        Forces you to change it once a quarter? I’ve never been forced to change mine, and have only ever done so twice (both times at my instigation).

  6. ebertek says:

    Number 12 is “admin”.
    Here’s the original article:

  7. degraevesofie says:

    That list seems to be biased by Adobe account passwords. I.e., I can imagine that Adobe’s accounts have many “adobe123″ and “photoshop” passwords, but I suspect that’s not true for other account provides.

  8. It recently came to me to pick a phrase or limerick you really know, and then use just the first letter of each word or syllable. For example, “how much wood would a wood chuck chuck?” would be hmwwawcc. Dunno if this is a unique idea or not…