Skip to main content

Top 25 Worst Passwords: 'Password,' '123456' Still on Top

Internet users are continuing to utilize passwords that can be easily guessed, according to SplashData's annual "25 Worst Passwords of the Year" list.

Unsurprisingly, the three most popular passwords for 2012 are the same as last year: "password," "123456," and "12345678." The list was compiled thanks to files containing millions of stolen passwords posted by hackers onto the web.

New entries to the list include the likes of 'jesus,' 'ninja,' and 'password1.' Elsewhere, 'superman,' 'passw0rd,' and 'bailey' have fallen off of the list.

"At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password," said SplashData CEO Morgan Slain. "We're hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites."

The 2012 list of the 25 worst passwords:

  1. password (unchanged)
  2. 123456 (unchanged)
  3. 12345678 (unchanged)
  4. abc123 (up 1)
  5. qwerty (down 1)
  6. monkey (unchanged)
  7. letmein (up 1)
  8. dragon (up 2)
  9. 111111 (up 3)
  10. baseball (up 1)
  11. iloveyou (up 2)
  12. trustno1 (down 3)
  13. 1234567 (down 6)
  14. sunshine (up 1)
  15. master (down 1)
  16. 123123 (up 4)
  17. welcome (new)
  18. shadow (up 1)
  19. ashley (down 3)
  20. football (up 5)
  21. Jesus (new)
  22. michael (up 2)
  23. ninja (new)
  24. mustang (new)
  25. password1 (new)

Contact Us for News Tips, Corrections and Feedback           

  • killabanks
    people are nuts
    Reply
  • teodoreh
    omg this is my Tom's Hardware login password! ;D
    Reply
  • outlw6669
    Hey, all my work passwords are on the list!
    But that is really more a show of protest to the idiotic IT department at my company.

    Seriously, instead of maintaining a single password for all intercompany services we have to maintain SIX separate passwords for daily use.
    Passwords that must be individually changed on random days in intervals ranging from monthly to every 6 months :heink:

    I can only hope that my firm is badly hacked one day and finally overhauls their IT practices...
    Reply
  • greghome
    Hey!!
    Zak Islam article, not Apple?
    There is hope for this guy yet :P
    Reply
  • greghome
    greghomeHey!!Zak Islam article, not Apple?There is hope for this guy yetLol i guess it didn't get censured ;). Better change it now ;)
    Reply
  • you missed the top 2 worse ones

    actually the worse password is not having a password at all and/or using auto login ;)
    Reply
  • DSpider
    Ninja, dragon? Come on... Baseball? Then we all know where these come from, don't we? Yeah... Americans.
    Reply
  • waxdart
    most of them read like default passwords which I.T. set up and people never bother to change.
    Reply
  • BigBodZod
    Hmm, remind me to change the passcode on my luggage please ;)
    Reply
  • dark_wizzie
    "Ninja", what a boss password.
    Reply