Top 25 Worst Passwords: 'Password,' '123456' Still on Top

[zakislam]

Top three worst passwords from last year remain unchanged.

Top 25 Worst Passwords: 'Password,' '123456' Still on Top : Read more

 

[killabanks]

people are nuts

 

[teodoreh]

omg this is my Tom's Hardware login password! ;D

 

[outlw6669]

Hey, all my work passwords are on the list!
But that is really more a show of protest to the idiotic IT department at my company.

Seriously, instead of maintaining a single password for all intercompany services we have to maintain SIX separate passwords for daily use.
Passwords that must be individually changed on random days in intervals ranging from monthly to every 6 months

I can only hope that my firm is badly hacked one day and finally overhauls their IT practices...

 

[greghome]

Hey!!
Zak Islam article, not Apple?
There is hope for this guy yet

 

[greghome]

[citation][nom]greghome[/nom]Hey!!Zak Islam article, not Apple?There is hope for this guy yet[/citation]
Lol i guess it didn't get censured . Better change it now

 

[Guest]

you missed the top 2 worse ones

actually the worse password is not having a password at all and/or using auto login

 

[DSpider]

Ninja, dragon? Come on... Baseball? Then we all know where these come from, don't we? Yeah... Americans.

 

[waxdart]

most of them read like default passwords which I.T. set up and people never bother to change.

 

[BigBodZod]

Hmm, remind me to change the passcode on my luggage please

 

[BoredErica]

"Ninja", what a boss password.

 

[mariusmotea]

The site that make that password list is very insecure. All passwords must be stored encrypted with MD5 (or something irreversible). Any information leakage will compromise any account.

 

[Cryio]

Lol, the 4th one is my school computers password :|.

 

[adgjlsfhk]

are school gives students default "student12345". Also, my parents set internet parental controls for my sister last year the list of passwords: parental controls, kidproof, lolz, omg1, huge pita

 

[vittau]

[citation][nom]dark_wizzie[/nom]"Ninja", what a boss password.[/citation]
What about trustno1, so hardcore.

 

[mortsmi7]

Good. Looks like "password5" is still safe.

 

[mobrocket]

dragon, ashley, michael are more common than password1...
that is very surprising to me

 

[synth0]

Interesting... how does that company "SplashData" even get *all the passwords* to be ranked in the first place?

 

[blppt]

[citation][nom]bigbodzod[/nom]Hmm, remind me to change the passcode on my luggage please[/citation]

+1000 for the Mel Brooks reference, ROFL.

 

[christop]

Funny the people who use such simple password are like um my account was hacked I don't know what's going on....

 

[cats_Paw]

LetMeIn, Iloveyou. Its more like talking to a girl rather than a PC password ... (btw i already commneted this but my comment vaniesd... weird).

 

[headscratcher]

There are many places that limit you to a low number of characters, like 12 for your password. This aggravates me. Why not let me have 100 characters if I can remember them?
I do keep a week easy to remember password for crap that I don't care about, like random website login.

 

[Solandri]

[citation][nom]synth0[/nom]Interesting... how does that company "SplashData" even get *all the passwords* to be ranked in the first place?[/citation]
Two ways.

1) Some major security breaches at stupid sites have resulted in entire password databases made public. You can simply parse them and sort according to frequency.

2) The smart sites store password hashes, not the passwords themselves. In this case, you simply run a bunch of dictionary words, common phrases, and common obfuscations (adding a digit, capitalizing certain letters, etc) through the hash algorithm. Then you compare the resulting hashes to those in the password hash database. If there's a match, you know which password resulted in that hash.

The really smart sites also salt their passwords (add extra data to the password before hashing), so you can't simply run passwords through commonly-used hashing algorithm to get your hashes. You have to also know the salt used by the site.

 

[reprotected]

What about "incorrect"?

 

[bin1127]

why would abc123 be a common password? it's so slow to type. 123456 makes the most sense for the lazy.