{"id":17582,"date":"2012-08-16T18:25:16","date_gmt":"2012-08-16T22:25:16","guid":{"rendered":"http:\/\/rbach.net\/blog\/index.php\/"},"modified":"2022-08-26T16:19:07","modified_gmt":"2022-08-26T20:19:07","slug":"25-most-used-passwords","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/25-most-used-passwords\/","title":{"rendered":"25 Most-Used Passwords Revealed"},"content":{"rendered":"

\"25Rachel King<\/a> at ZDNet’<\/a>s<\/em> Zero Day<\/a><\/em> writes<\/a> that the recent data breaches at LinkedIn<\/a>, Last.fm<\/a>, and eHarmony<\/a> has put passwords<\/a> back in the spotlight. Unfortunately, many people still rely on \u201cpassword\u201d<\/strong> to secure their digital identity. Antivirus software provider ESET<\/a> noted<\/a> some recent work<\/a> by IT security<\/a> consultant Mark Burnett<\/a> who has compiled a list of the \u201ctop 500 worst (aka most common) passwords\u201d based on a variety of methods he has detailed on his blog. The entire list is available here (ZIP).<\/p>\n

25 Worst passwords<\/h2>\n\n\n\n\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t
2012<\/td>2011<\/td>\n<\/tr>\n
password
\n<\/td>		password
\n<\/td>\n<\/tr>\n
123456
\n<\/td>		123456
\n<\/td>\n<\/tr>\n
12345678
\n<\/td>		12345678
\n<\/td>\n<\/tr>\n
1234
\n<\/td>		qwerty
\n<\/td>\n<\/tr>\n
qwerty
\n<\/td>		abc123
\n<\/td>\n<\/tr>\n
12345
\n<\/td>		monkey
\n<\/td>\n<\/tr>\n
dragon
\n<\/td>		1234567
\n<\/td>\n<\/tr>\n
pussy
\n<\/td>		letmein
\n<\/td>\n<\/tr>\n
baseball
\n<\/td>		trustno1
\n<\/td>\n<\/tr>\n
football
\n<\/td>		dragon
\n<\/td>\n<\/tr>\n
letmein
\n<\/td>		baseball
\n<\/td>\n<\/tr>\n
monkey
\n<\/td>		111111
\n<\/td>\n<\/tr>\n
696969
\n<\/td>		iloveyou
\n<\/td>\n<\/tr>\n
abc123
\n<\/td>		master
\n<\/td>\n<\/tr>\n
mustang
\n<\/td>		sunshine
\n<\/td>\n<\/tr>\n
michael
\n<\/td>		ashley
\n<\/td>\n<\/tr>\n
shadow
\n<\/td>		bailey
\n<\/td>\n<\/tr>\n
master
\n<\/td>		passw0rd
\n<\/td>\n<\/tr>\n
jennifer
\n<\/td>		shadow
\n<\/td>\n<\/tr>\n
111111
\n<\/td>		123123
\n<\/td>\n<\/tr>\n
2000
\n<\/td>		654321
\n<\/td>\n<\/tr>\n
jordan<\/td>superman
\n<\/td>\n<\/tr>\n
superman<\/td>qazwsx<\/td>\n<\/tr>\n
harley<\/td>michael<\/td>\n<\/tr>\n
1234567<\/td>football<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n2012 data from xato.net and 2011 data from SplashData.com<\/span>\n\n

rb-<\/strong>
\n\"WhyApproximately 2\/3’s of the worst passwords stayed the same between 2011 and 2012. Are your users’ passwords on this list? If so, it\u2019s safe to say you should consider a password change policy to force them into using a stronger password.<\/em><\/p>\n

I have written about passwords since at least 2010 – here<\/a>, here<\/a>, and here<\/a>. When will they listen?<\/em><\/p>\n

Related articles<\/h6>\n