The year 2018 is coming to an end, and folks at SplashData have revealed the list of the worst passwords of 2018. The top two spots are occupied by the same terrible ones that have been there for five straight years. I’m talking about 123456 at number one and password at number two. It means despite repeated warnings from software companies, security firms, and experts, millions of people have learned nothing about online security. If you use any of the top 100 worst passwords, you are putting your online security at risk.
‘donald’ is one of the worst passwords of 2018
There are a few new entrants to the list as well. The most interesting of them is donald, which was ranked 23rd in the list. SplashData CEO Morgan Slain said in a statement, “Sorry Mr. President, but this is not fake news – using your name or any common name as a password is a dangerous decision.”
Other new entrants are princess at number 11 and 666666 at 14th place. Hackers can easily guess passwords with celebrity names, simple keyboard patterns, and terms from sports and pop culture to hack a victim’s accounts. People use such easy-to-remember passwords without realizing the risk.
SplashData analyzed more than 5 million passwords leaked on the Internet to compile the list. It found that more than 3% people have used the 123456 password, and at least 10% used one of the top 25. Even celebrities often use terrible passcodes. During a meeting with President Donald Trump, Kanye West was seen unlocking his iPhone with passcode 000000.
It’s alarming that people continue to use weak passwords despite highly publicized data leaks at Marriott, National Republican Congressional Committee, Facebook, and Google Plus. People often use predictable passwords such as celebrity names and their own names. That’s even more frightening if you use the same password for multiple services.
SplashData hopes that its annual ranking of the worst passwords will encourage people to set strong ones.
Here are the top 25 worst passwords of 2018:
You can check out the full list here. If you find your own password among the worst passwords of 2018, it’s not something worth bragging about. Consider changing your password immediately.
Picking a strong password
SplashData recommends that you use passphrases of 12 or more characters with mixed type of characters. Also, use a different password for each service/platform. If a hacker manages to break into one of your accounts, they will not be able to use the same password to access your accounts on other platforms.
It could be overwhelming to remember all the different and complex passwords. You can use password manager apps to keep your passwords secure and log into websites automatically. The password manager tools can also help you generate strong passwords.
In recent years, many websites and apps require users to set up password with random numbers, alphabets, symbols, and a mix of upper and lower case characters. It’s still not the most secure way as people could pick something like Donald1! or Football1. Most platforms still don’t push their users to set strong passwords.
According to Have I Been Pwned, more than 5.6 billion accounts have leaked in the last few years. The Marriott data breach alone affected more than 500 million customers. Leaks at Facebook, Google+, Yahoo, and others have affected over a billion accounts.
According to security researchers, more than 50% people use predictable passwords that hackers or automated software tools could crack without much difficulty. With a large number of people using the same weak password across multiple platforms, hackers could gain access to thousands and thousands of accounts.