“123456” Once Again Claims Top Spot For Worst Password of The Year

Other poor choices include “password,” “princess,” “qwerty,” “iloveyou” and “welcome,” according to the 2019 list from SplashData.

Admit it, you’ve used one of those known to be simple, hackable passwords at some stage of your life. It’s an understandable temptation, being quick and easy to remember.

This would explain why so many people use bad passwords, while knowing better.


“123456” once again scooped up the award for SplashData’s Annual Worst Passwords List, with “123456789” standing at 2nd place, “qwerty” making 3rd place (up 6 spots from last year) and 4th place being awarded to “password” (dropping 2 spots from last year), 5th place was left open for “1234567”.

Some others that made the top 10 [should] scare you. “12345678,” “12345,” “iloveyou,” “111111,” and “123123,” make it clear that people cannot resist quick number combinations and easy to remember sayings for password usage.

Two new entries, “1q2w3e4r” and “qwertyuiop,” suggest an undying trend for contiguous keys on their keyboards to fashion their next password.

With new programs usually preventing users from creating simple passwords, many older programs, which we have used for ages and usually trust allow for pretty much anything in a password, making them very hackable.

“Doctors are notorious for using personal information in their passwords. Medical practice numbers, names, surnames, cellphone numbers and the name of the hospital they work in are all popular choices,” notes a personal acquaintance who sees these things regularly in his line of work.

We know it’s tricky to devise that hard to crack password, especially in a world where you’re constantly told by experts that each site should have its own unique password too, so we’re here to help.

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online, and we think these and other efforts are finally starting to pay off,” SplashData CEO Morgan Slain said in a press release. “We can tell that over the years people have begun moving toward more complex passwords, though they are still not going far enough as hackers can figure out simple alphanumeric patterns.”

With almost 10% of the population using at least one of the top 25 worst passwords on this year’s list, save time and frustration by strengthening yours passowrds with the following suggestions:

  • Make your passphrases consist of at least 12 letters, mixing up characters. (Not that we would use this one… BUT… “12P@s$w0rD34” is [kinda] what you’re aiming for.)
  • Use different passwords for different logins. One password gets compromised, but a hacker cannot use it to access other sites or accounts. Try turnphrases in stead of completely new passwords so that you at least have a chance of remembering.
  • Try a password manager. A password manager can generate secure and random passwords and automatically log you into websites. Some people may question the security of password managers, especially ones that are unlocked with just a master password and store your data online, albeit in an encrypted format. But until passwords become a relic of the past, a good password manager is your best bet, especially if you have to juggle hundreds of different passwords.

In an era of super hackers and so much out there for us to explore online, a final suggestion would definitely be making use of two-factor authentication applications wherever possible. Biometrics like fingerprint and facial recognition are fine examples, along with code generators.

And if all else seems like way too much drama, read this. It might change your mind.

Leave a Reply

Your email address will not be published. Required fields are marked *