We’re less than two weeks out from the start of 2018, and that can only mean one thing: it’s time to look back at some of the worst passwords of the year. This year was particularly bad for online security, with many companies reporting breaches that left customer data exposed. Of course, we also have the Yahoo breaches that were revealed late last year, leaving hundreds of millions of accounts at risk.
You would think that internet denizens would begin using more secure passwords in the wake of so many breaches. As it does every year, SplashData is showing us that such hope is merely a fool’s hope. Today it published its list of the worst 100 passwords of 2017, and some very familiar entries top it.
Taking home the number one spot on the list is “123456” which is followed closely by – you guessed it – “password.” The passwords rounding out the top 10 don’t instill much in way of confidence in our fellow humans, with passwords like “qwerty” and “football” making appearances. We also see a healthy dose of apathy present on the list, with passwords like “whatever,” “blahblah,” and “biteme” managing to make the top 100.
It should go without saying that none of the passwords in the top 100 are actually secure. We can likely extrapolate SplashData’s findings to assume that many people who use passwords like this aren’t using unique passwords across their various online identities. That puts these users at even more risk the next time one of these breaches happen, which isn’t good.
You can peruse SplashData’s full list of the 100 worst passwords here. If you find your password of choice on that list, then it’s definitely time to look into something like a password manager. Here’s hoping that the state of our passwords get better in 2018, but we won’t be holding out breath for much progress on that front.