Update: PureVPN is celebrating World Password Day and hopes to educate internet users regarding the importance of keeping secure passwords of all online accounts.
“Needless to say, if any one of the PA55W0RD on this list is yours, you should change it immediately.”
Because they happen to be the worst passwords of 2018, according to a security group, SplashData, who analyzed over 5 million passwords leaked on the internet and found that people are still using them.
The topmost worst 100 password list is a real head scratcher with ‘123456’ at the very top and the word ‘password’ ranking second for the 5th consecutive year.
With many highly publicized cybersecurity incidents last year, such as Facebook’s Cambridge Analytica scandal, Quora’s 100 million accounts being hacked, 2 million T-Mobile accounts being compromised, it is beyond baffling to see people continue using weak and easy-to-guess passwords to protect their online information.
Here’s the 8th Annual List of Top 25 (of 100) Worst Passwords of 2018 Compared to 2017 (Published by Splashdata).
#1 12345 12345
#2 password password
#3 12345678 123456789
#4 qwerty 12345678
#5 12345 12345
#6 123456789 111111
#7 letmein 1234567
#8 1234567 sunshine
#9 football qwerty
#10 iloveyou iloveyou
#11 admin princess
#12 welcome admin
#13 monkey welcome
#14 login 666666
#15 abc123 abc123
#16 starwars football
#17 123123 123123
#18 dragon monkey
#19 passw0rd 654321
#20 master !@#$%^&*
#21 hello charlie
#22 freedom aa123456
#23 whatever donald
#24 qazwsx password1
#25 trustno1 qwerty123
If your password is on the top 25 list, please change it now.
“When your accounts are “Hacked” due to “short simple and pretty easy to crack Passwords”, only you are to blame.”
Let’s stopped saying “hacked” in the news headlines and start saying “used a shit password” instead! https://t.co/3t8ILkWNrc
— Troy Hunt (@troyhunt) November 6, 2018
Our online accounts hold sensitive information including private photos, phone numbers, home address, places you visit, your work address, your financials, political views, birthdays and pretty much everything else.
“Yet most of us use – repeated, easy to remember, quickly to type – weak passwords to protect our privacy.”
We are creatures of habit. We find a password we like, which is most likely easy to remember, and we stick to it. We literally keep using the same password, with little-to-no variations over extended periods.
But are we to blame?
“It is nearly impossible for a human mind to memorize a unique and a complicated password for every platform.”
I can’t remember different pws for my personal email, my office email, my Facebook, Twitter, Instagram, my Amazon, Netflix… the list goes on. It would be over 50 passwords and I am being modest with the number.
I sincerely advise every PureVPN user to change their passwords periodically, whether its their VPN password, email, online banking and everything else in between.
So what’s the way out?
“Tools like ‘Password Managers’ are the best way out to protect your online accounts with ‘Unique’ and ‘Unbreakable’ passwords without the need of memorizing them.”
A password manager saves you a lot of thinking in terms of generating a hard-to-crack password and eliminates the risks associated with reusing them. It also stores your passwords in encrypted form, so you don’t have to remember or worry about losing them.
Here are the remaining 75 Worst Password that made their way to 2018’s list.
I sincerely hope your password is NOT on any of the lists shared above.
But does it necessarily mean you are absolutely secure?
Let’s run a check.
“Recall your password in your head and re-evaluate to check whether it meets the ‘Weak Password’ criteria listed below; If it does, change it now before it debuts on next year’s list.”
Weak Password criteria:
1. 1-8 character long
2. Your first, middle, last or a nickname
3. Your email address or phone number
4. Your lover, partner, kid, friend, pet or a common name
5. Your zodiac sign, your birthday, anniversary and other important dates
6. Your favorite car, location, color, food or a brand name
7. Your favorite superhero, movie, sports, athlete or a team name
8. Using same password twice to meet password length requirement
9. Most common keyboard combinations (listed below)
10. Reusing passwords for multiple accounts
11. Passwords stored in a personal diary or an excel sheet
12. Using dictionary words
So, what does a strong password look like?
“A ‘Strong Password’ is at least 10 characters long, contains at least one uppercase (A-Z), lowercase (a-z), one digit (0-9) with at least one special character (~`!@#$%^..) and is unique for your every online account.”
image source: WP Engine
Of course, SplashData’s list is tongue in cheek. It does ring serious alarm bells for users to protect their privacy, especially since account breaches are becoming much more commonplace.
So, what about your password? I’d love to hear about some of your password bloopers.
What’s the worst password you’ve ever had? The corniest?
How often do you forget your passwords? Share your comments below!