The 25 Worst Passwords of 2018.Is yours on this list?

Despite warnings by security experts and repeated breaches, it appears that some internet users have not updated their passwords to a more secure one. SplashData, the company that makes password manager SplashID,
studied more than 5 million leaked passwords from recent breaches and found that many of the commonly used passwords on the list are commonly used bad passwords from previous years, like “123456,” “password,” “admin,” and “abc123.”

Several of the 25 included passwords were repeats from previous years, but there were a handful of new ones. Some were more poignant for the hellish year (“666666” and “!@#$%^&*” and “donald”) compared to inexplicably optimistic-sounding ones (“sunshine” and “princess”).


Top Methods How Hackers Can Hack Facebook Accounts & How To Protect From Them ?


Here are the worst passwords of 2018. It’s probably fair to say people find simple numerical strings to be the easiest to remember.

1 – 123456

2 – password

3 – 123456789

4 – 12345678

5 – 12345

6 – 111111

7 – 1234567

8 – sunshine

9 – qwerty

10 – iloveyou

11 – princess

12 – admin

13 – welcome

14 – 666666

15 – abc123

16 – football

17 – 123123

18 – monkey

19 – 654321

20 – !@#$%^&*

21 – charlie

22 – aa123456

23 – donald

24 – password1

25 – qwerty123

SplashData estimates that no fewer than 10 percent of people “have used at least one of the 25 worst passwords on this year’s list”. In addition, almost 3 percent of people are estimated to have used the most common poor password, ‘123456’.

For starters, users can use a password manager to collect their passwords securely in one place. Some popular ones include SplashData’s SplashID, LastPass, and 1Password. In addition to securely storing your passwords, many password managers can also dynamically generate unique, strong passwords when you need to create a new site login or update an existing credential. With a unique password, if one site gets breached, your other credentials wouldn’t be affected.

For banking, social media profiles, and other important websites, you can also add multi-factor or two-factor authentication. In addition to requiring a username and password, an additional authentication factor, like a six- or eight-digit passcode, must be used to log in These codes are either sent to you via text message or can be obtained through an authentication app.

Another way to make your password great again is to use an inexpensive hardware-based security key. Prior to releasing its own Titan USB key, Google claimed that when it started internal testing by requiring its employees to use a hardware key in 2017, it saw zero incidents of phishing attacks. With multi-factor authentication, even if an attacker has your login credentials, they wouldn’t be able to access your account without having a hardware key, a passcode sent to your phone, or a unique code that’s generated with an authentication app. Once linked to your account, the hardware keys will work with Windows, Macs, and smartphone devices over USB, USB-C, Bluetooth, or NFC connections, depending on the variant of the key.

30 Million Facebook Accounts Were Hacked: Check If You're One of Them

30 Million Facebook Accounts Were Hacked: Check If You’re One of Them

Late last month Facebook announced its worst-ever security breach that allowed an unknown group of hackers to steal secret access tokens for […]

Gmail encryption: Everything you need to know

Gmail encryption: Everything you need to know

Sending an unencrypted email is often likened to a postcard, in that anyone who wants to read it just needs […]

Leave a Reply