The Worst Passwords of 2019
Earlier this week, several providers of password managers, like SplashData and NordPass, released a list of ‘worst passwords of 2019’. These lists were compiled from the millions of passwords that were hacked and lifted from compromised databases. Some of these passwords were then dumped online. The top five doesn’t change much from year to year. Still strong at number one are sequential numbers. 12345 is apparently used by approximately close to 3 million internet users. Another 30+ million just add another or a couple of extra digits, believing 123456, 12345678 or 1234556789 is more secure. Also forever popular are “qwerty”, “asdfgh” and other predictable keyboard patterns. A new popular password is “qwertyiop”, for those who want to add “some extra security”. Worst of all is probably the word “password”, used with either an “o” or a zero. This password had been on the throne for ages and in the top 5 since the beginning of password security.
Still Trending
Next, there are the classics that don’t seem to disappear from the top 30, such as “welcome”, “admin”, “keepout”, “letmein”, “secret” and “test”. There are also variations on these basic passwords. “Test1”, for example, is of course also easy enough for hackers to test. Still trending in 2019 are “princess”, “dragon” and of course “iloveyou”. While new entry “donald” also made the list. Some of the unexpected popular passwords were “zinch” and “g_czechout”.
New Year’s Resolution for Better Security
What do we want users to take home from this? Simple. The end of the year is generally a good time to reflect on the good, the bad and the ugly. And to make some New Year’s resolutions. So why not take some simple steps to better protect yourself online? Immediately change any passwords you are using that have appeared in this article. We have put together this ultimate guide to creating strong passwords to help you with this. Next, pick a password manager from this list of best password managers. And finally, don’t forget to enable two-factor authentication whenever and wherever possible.
