‘Starwars’ Makes it to the List of 2017’s Worst Passwords


The list of the 25 most-used and most hackable passwords of 2017 has been published today on Lifehacker, with ‘123456’ topping the list as the worst password of 2017. The list was compiled by SplashData, makers of the password managers SplashID and TeamsID, from over 5 million passwords leaked in data breaches this year. It is believed that almost 10% of computer users have used at least one of these.

“Hackers are using common terms from pop culture and sports to break into accounts online,” says SplashData’s CEO Morgan Slain, “because they know many people are using those easy-to-remember words.”

I use a couple of passwords based on an old favorite book, but they have nothing to do with the title and they have special characters. In general—and I can’t say this enough—you should use a password manager, and have it generate long, hard-to-guess passwords.

Security experts recommend making longer, less obvious passwords, not reusing passwords, and getting a password manager like 1Password, which is both fast and super easy to use. Never make your password starwars, or twinpeaks, or any piece of popular culture for that matter.

Below are the 25 worst passwords of 2017. A complete list of the 100 most-used passwords is also available in PDF format at this link.

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou
  11. admin
  12. welcome
  13. monkey
  14. login
  15. abc123
  16. starwars
  17. 123123
  18. dragon
  19. passw0rd
  20. master
  21. hello
  22. freedom
  23. whatever
  24. qazwsx
  25. trustno1
P.S. - Like our news? Support the site: become a Patreon subscriber. Or shop with our Amazon link, or buy us a coffee! We use affiliate links when possible--thanks for supporting independent media.