{"id":17582,"date":"2012-08-16T18:25:16","date_gmt":"2012-08-16T22:25:16","guid":{"rendered":"http:\/\/rbach.net\/blog\/index.php\/"},"modified":"2022-08-26T16:19:07","modified_gmt":"2022-08-26T20:19:07","slug":"25-most-used-passwords","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/25-most-used-passwords\/","title":{"rendered":"25 Most-Used Passwords Revealed"},"content":{"rendered":"<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-98319 \" title=\"25 Most-Used Passwords Revealed\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/passwords-1.jpg?resize=107%2C76&#038;ssl=1\" alt=\"25 Most-Used Passwords Revealed\" width=\"107\" height=\"76\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/passwords-1.jpg?resize=150%2C106&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/passwords-1.jpg?resize=75%2C53&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/passwords-1.jpg?w=500&amp;ssl=1 500w\" sizes=\"auto, (max-width: 107px) 100vw, 107px\" \/><a title=\"Rachel King\" href=\"https:\/\/web.archive.org\/web\/20141203220322\/http:\/\/www.zdnet.com\/meet-the-team\/us\/rachel.king\/\" target=\"_blank\" rel=\"noopener noreferrer\">Rachel King<\/a> at <em><a title=\"ZDNet\" href=\"http:\/\/www.zdnet.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">ZDNet&#8217;<\/a>s<\/em> <em><a title=\"Zero Day\" href=\"http:\/\/www.zdnet.com\/blog\/security\/\" target=\"_blank\" rel=\"noopener noreferrer\">Zero Day<\/a><\/em> <a title=\"25 most-used passwords revealed: Is yours one of them?\" href=\"http:\/\/www.zdnet.com\/blog\/security\/25-most-used-passwords-revealed-is-yours-one-of-them\/12427\" target=\"_blank\" rel=\"noopener noreferrer\">writes<\/a> that the recent data breaches at <a title=\"6.46 million LinkedIn passwords leaked online\" href=\"http:\/\/www.zdnet.com\/blog\/btl\/6-46-million-linkedin-passwords-leaked-online\/79290\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a>, <a title=\"Last.fm investigating 'security issue', passwords leaked\" href=\"http:\/\/www.zdnet.com\/blog\/security\/last-fm-investigating-security-issue-passwords-leaked\/12358\" target=\"_blank\" rel=\"noopener noreferrer\">Last.fm<\/a>, and <a title=\"eHarmony member passwords compromised\" href=\"http:\/\/news.cnet.com\/8301-1009_3-57448672-83\/eharmony-member-passwords-compromised\/\" target=\"_blank\" rel=\"noopener noreferrer\">eHarmony<\/a> has put <a title=\"Password\" href=\"http:\/\/en.wikipedia.org\/wiki\/Password\" target=\"_blank\" rel=\"wikipedia noopener noreferrer\">passwords<\/a> back in the spotlight. Unfortunately, many<strong> people still rely on \u201cpassword\u201d<\/strong> to secure their digital identity. Antivirus software provider <a href=\"http:\/\/www.eset.com\/us\/\" target=\"_blank\" rel=\"noopener noreferrer\">ESET<\/a> <a href=\"http:\/\/blog.eset.com\/2012\/06\/07\/passwords-and-pins-the-worst-choices\" target=\"_blank\" rel=\"noopener noreferrer\">noted<\/a> some <a href=\"https:\/\/web.archive.org\/web\/20150315154609\/https:\/\/xato.net\/passwords\/more-top-worst-passwords\/\" target=\"_blank\" rel=\"noopener noreferrer\">recent work<\/a> by <a title=\"Information security\" href=\"https:\/\/www.techopedia.com\/definition\/10282\/information-security-is\" target=\"_blank\" rel=\"noopener noreferrer\">IT security<\/a> consultant <a href=\"https:\/\/markburnett.carrd.co\/\" target=\"_blank\" rel=\"noopener noreferrer\">Mark Burnett<\/a> who has compiled a list of the \u201ctop 500 worst (aka most common) passwords\u201d based on a variety of methods he has detailed on his blog. The entire list is available here (ZIP).<\/p>\n<h2 id=\"tablepress-22-name\" class=\"tablepress-table-name tablepress-table-name-id-22\">25 Worst passwords<\/h2>\n\n<table id=\"tablepress-22\" class=\"tablepress tablepress-id-22\" aria-labelledby=\"tablepress-22-name\" aria-describedby=\"tablepress-22-description\">\n<tbody class=\"row-striping\">\n<tr class=\"row-1\">\n\t<td class=\"column-1\">2012<\/td><td class=\"column-2\">2011<\/td>\n<\/tr>\n<tr class=\"row-2\">\n\t<td class=\"column-1\">password<br \/>\n<\/td><td class=\"column-2\">password<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-3\">\n\t<td class=\"column-1\">123456<br \/>\n<\/td><td class=\"column-2\">123456<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-4\">\n\t<td class=\"column-1\">12345678<br \/>\n<\/td><td class=\"column-2\">12345678<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-5\">\n\t<td class=\"column-1\">1234<br \/>\n<\/td><td class=\"column-2\">qwerty<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-6\">\n\t<td class=\"column-1\">qwerty<br \/>\n<\/td><td class=\"column-2\">abc123<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-7\">\n\t<td class=\"column-1\">12345<br \/>\n<\/td><td class=\"column-2\">monkey<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-8\">\n\t<td class=\"column-1\">dragon<br \/>\n<\/td><td class=\"column-2\">1234567<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-9\">\n\t<td class=\"column-1\">pussy<br \/>\n<\/td><td class=\"column-2\">letmein<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-10\">\n\t<td class=\"column-1\">baseball<br \/>\n<\/td><td class=\"column-2\">trustno1<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-11\">\n\t<td class=\"column-1\">football<br \/>\n<\/td><td class=\"column-2\">dragon<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-12\">\n\t<td class=\"column-1\">letmein<br \/>\n<\/td><td class=\"column-2\">baseball<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-13\">\n\t<td class=\"column-1\">monkey<br \/>\n<\/td><td class=\"column-2\">111111<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-14\">\n\t<td class=\"column-1\">696969<br \/>\n<\/td><td class=\"column-2\">iloveyou<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-15\">\n\t<td class=\"column-1\">abc123<br \/>\n<\/td><td class=\"column-2\">master<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-16\">\n\t<td class=\"column-1\">mustang<br \/>\n<\/td><td class=\"column-2\">sunshine<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-17\">\n\t<td class=\"column-1\">michael<br \/>\n<\/td><td class=\"column-2\">ashley<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-18\">\n\t<td class=\"column-1\">shadow<br \/>\n<\/td><td class=\"column-2\">bailey<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-19\">\n\t<td class=\"column-1\">master<br \/>\n<\/td><td class=\"column-2\">passw0rd<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-20\">\n\t<td class=\"column-1\">jennifer<br \/>\n<\/td><td class=\"column-2\">shadow<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-21\">\n\t<td class=\"column-1\">111111<br \/>\n<\/td><td class=\"column-2\">123123<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-22\">\n\t<td class=\"column-1\">2000<br \/>\n<\/td><td class=\"column-2\">654321<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-23\">\n\t<td class=\"column-1\">jordan<\/td><td class=\"column-2\">superman<br \/>\n<\/td>\n<\/tr>\n<tr class=\"row-24\">\n\t<td class=\"column-1\">superman<\/td><td class=\"column-2\">qazwsx<\/td>\n<\/tr>\n<tr class=\"row-25\">\n\t<td class=\"column-1\">harley<\/td><td class=\"column-2\">michael<\/td>\n<\/tr>\n<tr class=\"row-26\">\n\t<td class=\"column-1\">1234567<\/td><td class=\"column-2\">football<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<span id=\"tablepress-22-description\" class=\"tablepress-table-description tablepress-table-description-id-22\">2012 data from xato.net and 2011 data from SplashData.com<\/span>\n<!-- #tablepress-22 from cache -->\n<p><em><strong>rb-<\/strong><br \/>\n<img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-98322 \" title=\"Why don't they listen\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hair_pulling_w.jpg?resize=100%2C100&#038;ssl=1\" alt=\"Why don't they listen\" width=\"100\" height=\"100\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hair_pulling_w.jpg?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hair_pulling_w.jpg?resize=75%2C75&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/hair_pulling_w.jpg?w=320&amp;ssl=1 320w\" sizes=\"auto, (max-width: 100px) 100vw, 100px\" \/>Approximately 2\/3&#8217;s of the worst passwords stayed the same between 2011 and 2012. Are your users&#8217; passwords on this list? If so, it\u2019s safe to say you should consider a password change policy to force them into using a stronger password.<\/em><\/p>\n<p><em>I have written about passwords since at least 2010 &#8211; <a title=\"Password Insecurity\" href=\"https:\/\/wp.me\/p2wgaW-uw\" target=\"_blank\" rel=\"noopener\">here<\/a>, <a title=\"Are You on the Pwnedlist?\" href=\"https:\/\/wp.me\/p2wgaW-2S4\" target=\"_blank\" rel=\"noopener\">here<\/a>, and <a title=\"First Computer Passwords Useless\" href=\"https:\/\/rbach.net\/index.php\/worlds-first-computer-password-was-useless\/\" target=\"_blank\" rel=\"noopener\">here<\/a>. When will they listen?<\/em><\/p>\n<h6>Related articles<\/h6>\n<ul>\n<li><a href=\"http:\/\/arstechnica.com\/gaming\/2012\/08\/hackers-collect-significant-account-details-from-blizzard-servers\/\" target=\"_blank\" rel=\"noopener noreferrer\">Hackers collect significant account details from Blizzard servers<\/a> (arstechnica.com)<\/li>\n<li><a href=\"http:\/\/blogs.securiteam.com\/index.php\/archives\/1815\" target=\"_blank\" rel=\"noopener noreferrer\">Passwording: checklists versus heuristics<\/a> (blogs.securiteam.com)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p style=\"text-align: left;\"><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a class=\"broken_link\" href=\"http:\/\/www.linkedin.com\/in\/rb48334\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Most users use the same 5 passwords to secure their accounts 2\/3&#8217;s of the worst passwords stayed the same from 2011 &#8211; 2012.like &#8220;password&#8221; and &#8220;123456&#8221;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[2197,27,1345,1346,317,696,1344,2541,4,1844],"class_list":["post-17582","post","type-post","status-publish","format-standard","hentry","category-security","tag-2197","tag-data-security","tag-eharmony","tag-eset","tag-linkedin","tag-lnkd","tag-mark-burnett","tag-passwords","tag-security","tag-weak"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/17582","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=17582"}],"version-history":[{"count":14,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/17582\/revisions"}],"predecessor-version":[{"id":131021,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/17582\/revisions\/131021"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=17582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=17582"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=17582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}