The Top 25 Most Commonly-Used Passwords on the Internet

Shh. The password is "PASSWORD"...

SplashData, a leading provider of password management applications, recently published their "Top 25" list of most commonly used password on the internet.  copyrightjoestrazzere

1. 123456
2. password
3. 12345678
4. qwerty
5. abc123
6. 123456789
7. 111111
8. 1234567
9. iloveyou
10. adobe123
11. 123123
12. admin
13. 1234567890
14. letmein
15. photoshop
16. 1234
17. monkey
18. shadow
19. sunshine
20. 12345
21. password1
22. princess
23. azerty
24. trustno1
25. 000000

SplashData's top 25 list was compiled from files containing millions of stolen passwords posted online during the previous year. The company advises consumers or businesses using any of the passwords on the list to change them immediately.

SplashData suggests making passwords more secure with these tips:

Use passwords of eight characters or more with mixed types of characters. But even passwords with common substitutions like "dr4mat1c" can be vulnerable to attackers' increasingly sophisticated technology, and random combinations like "j%7K&yPx$" can be difficult to remember. One way to create more secure passwords that are easy to recall is to use passphrases -- short words with spaces or other characters separating them. It's best to use random words rather than common phrases. For example, "cakes years birthday" or "smiles_light_skip?" 

Avoid using the same username/password combination for multiple websites.  Especially risky is using the same password for entertainment sites that you do for online email, social networking, or financial service sites. Use different passwords for each new website or service you sign up for.

So "iloveyou" isn't a good password? That's a shame. How about "iloveyou2"? Fortunately, nothing I use resembles anything on this list.

My biggest gripe about passwords is that each website has their own rules for password construction, and many of them are far too constrictive. I know of many sites that don't permit certain special characters. I even know of one very prominent financial institution which limits passwords to just 12 characters! In my opinion, that's simply not enough for constructing a strong password/passphrase.

Is it too much to ask for at least 64 characters, and permitting alphanumeric characters and all special characters?

How about you? Are you comfortable with the passwords you use? Any of the passwords in the above list look familiar?


Image courtesy of Salvatore Vuono / FreeDigitalPhotos.net

---

This article originally appeared in my blog: All Things Quality

	My name is Joe Strazzere and I'm currently a Director of Quality Assurance. I like to lead, to test, and occasionally to write about leading and testing. Find me at http://AllThingsQuality.com/.