Most used passwords of 2016
Believe it or not, but for the 5th year in a row, ‘123456’ and ‘password’ top the annual “Worst Passwords List" published in SplashData’s annual report of 2016.
Los Gatos, CA – SplashData has announced its annual list of the 25 most common passwords, compiled from more than five million passwords leaked during the year.
What do we learn from it?
Millions of users still continue putting themselves at risk by continuing to use easily guessable passwords. And when comparing SplashData’s lists of the past five years, clearly not a lot has changed.
“123456”and “password” continue to hold the top two spots in 2016 and three variations of “password” appear in the list. It also strikes that simple numerical passwords remain common, with six of the top 10 passwords comprised of numbers only in the 2016 password ranking.
When comparing with last year's SplashData report, 17 bad passwords stay in the top-25 ranking, amongst them also the Star Wars-themed choices “princess” and “solo”. Eight bad passwords dropped off the top-25 list of 2016 and were replaces by new ones like flower, sunshine, hottie and loveme. Another new entry is “zaq1zaq1” which is a pattern on the left side of many standard keyboards.
| Password | Ranking 2016 |
|
123456
|
1
|
| password | 2 |
| 12345 | 3 |
| 12345678 | 4 |
| football | 5 |
| qwerty | 6 |
| 1234567890 | 7 |
| 1234567 | 8 |
| princess | 9 |
| 1234 | 10 |
| login | 11 |
| welcome | 12 |
| solo | 13 |
| abc123 | 14 |
| admin | 15 |
| 121212 | 16 |
| flower | 17 |
| passw0rd | 18 |
| dragon | 19 |
| sunshine | 20 |
| master | 21 |
| hottie | 22 |
| loveme | 23 |
| zaq1zaq1 | 24 |
| password1 | 25 |
| Password | Ranking over past 5 years |
| 123456 | 1 |
| password | 2 |
| 12345678 | 3 |
| qwerty | 4 |
| 123456789 | 5 |
| 12345 | 6 |
| baseball | 7 |
| 1234567 | 8 |
| abc123 | 9 |
| adobe123 | 10 |
| iloveyou | 11 |
| 1234 | 12 |
| football | 13 |
| 1234567890 | 14 |
| 111111 | 15 |
| dragon | 16 |
| monkey | 17 |
| letmein | 18 |
| welcome | 19 |
| admin | 20 |
| 1qaz2wsx | 21 |
| photoshop | 22 |
| login | 23 |
| 121212 | 24 |
| 123123 | 25 |
Our advise
Use strong passwords of at least 10 characters, preferably with a combination of upper and lowercase letters, numbers and symbols. You might say that these are hard to remember, but a way to work around that is to use a phrase:
That time I slipped on an ugly Banana Peel $ => TtIsoauBP$
We also advise not to use the same password on every website because once it get’s stolen, all your login credentials are compromised at once.
You might consider the usage of a password manager to avoid this risk, but the drawback of this solution is that you password managers keep all your user names and passwords in one central password store. A hacker only needs to crack the master password to access all your private account credentials.
Therefor we recommend to use KeyHasher.
KeyHasher is a strong password generator. Unlike password managers, it is not vulnerable to password theft because your password information is not being stored.
