You might have thought that it would be hard to come up with a worse password than ‘password,’ but according to a chart compiled by SplashData from hacked accounts, it has been edged out by ‘123456’.
The far more secure ‘12345678’ (33 percent more secure!) retains its position as number three, while a new entry in sixth place goes as far as ‘123456789’. Sadly, ‘letmein’, a password I always felt deserving of classic status, dropped seven places to achieve a mediocre ranking of 14.
Apple introduced iCloud Keychain as part of Mavericks and iOS 7.0.3, and if you’re not already using it, you can read our how-to guide. If you’re using older versions of OS X or iOS, we also ran a how-to guide on using a password manager to have unique, secure passwords for each website.
Via re/code
FTC: We use income earning auto affiliate links. More.
Sunshine is 12 & 19?
so how come sunshine has two positions ( 12 & 19 ) in this list?
My favorite has always been ‘drowssap’. No, it’s not a password I use. I use 1Password to save my passwords.
000000 lol…
Damn. Now I have to change my credit card passwords, my luggage combo, my safe, and my banking password. No worries, I’ll use Password123456 instead.
I had forgotten about trustno1. Man that brings back memories. Still amazed at how many people do not take passwords seriously, especially considering what the typical uses.
I can understand people not caring about some random website that forces them to register, but given some of the sites that have been hacked, you have to wonder if some of these people do the same with their embanking logon …
Sadly I can say from experience some do. I run smack into a wall and beat my head against it when someone repeatedly cusses out the mandatory password requirements of a site by using attempting multiple “bare minimum” passwords, and only choosing a “good” one when they’re forced to by the site. Alas, were it not for them, we would not have jobs.
There is that :-)
sardonick: Frankly, the worst offender is the Apple ID / App Store / iTunes Store password. You can’t store it in Safari, you can’t supply it from 1Password, and Apple forces you to change it once a quarter. I guess that’s someone’s idea of “great security,” but it is actually WORSE practice, because it forces you to either come up with an endless series of BS passwords you can easily remember, or to write it down on paper somewhere. Incredibly annoying.
Forces you to change it once a quarter? I’ve never been forced to change mine, and have only ever done so twice (both times at my instigation).
Number 12 is “admin”.
Here’s the original article: http://splashdata.com/press/worstpasswords2013.htm
That list seems to be biased by Adobe account passwords. I.e., I can imagine that Adobe’s accounts have many “adobe123” and “photoshop” passwords, but I suspect that’s not true for other account provides.
You’d likely see the equivalent, though, I wonder how many Apple ID passwords are apple123?
It recently came to me to pick a phrase or limerick you really know, and then use just the first letter of each word or syllable. For example, “how much wood would a wood chuck chuck?” would be hmwwawcc. Dunno if this is a unique idea or not…
It’s not particularly new. I remember people doing that in the past. The problem comes when you use the same password for multiple sites.