Enhance your password security.

Get Started
CTA icon

Announcing our Worst Passwords of 2016

January 22, 20173 min read

"123456" and "password" again top SplashData's annual "Worst Passwords List"

Three variations of "password" appear on this year's list of risky passwords; millions of users continue putting themselves at risk

A few months ago there were news reports that the hacking of Democratic National Committee's John Podesta's email was made easier because his email password was "password." If these reports are true, he wouldn't be alone. For the sixth straight year, "password" joins "123456" as the two most commonly used passwords on SplashData's annual list of "Worst Passwords." Use of any of the passwords on this list would put users at grave risk for identity theft.

In its sixth annual Worst Passwords report, compiled from more than five million passwords leaked during the year, three variations of "password" appear, including "passw0rd" and "password1".

"Making minor modifications to an easily guessable password does not make it secure, and hackers will take advantage of these tendencies," says Morgan Slain, CEO of SplashData, Inc. "Our hope is that by researching and putting out this list each year, people will realize how risky it is to use these common logins, and they will take steps to strengthen their passwords and use different passwords for different websites."

While Star Wars-themed choices "princess" and "solo" keep the Force alive on the Worst Passwords list for the second year, sports terms have dropped off. The only sport to crack the Top 25 was "football" in the #5 spot.
New appearances on the list include "hottie", "loveme", and "flower". One other new entry is "zaq1zaq1" from the left column on standard keyboards - demonstrating again the importance of avoiding simple patterns.

Simple numerical passwords remain common, with five of the top 10 passwords on this year's list comprised of numbers only.

SplashData, provider of password management applications TeamsID, Gpass, and SplashID, releases its annual list in an effort to encourage the adoption of stronger passwords. According to SplashData, the over 5 million leaked passwords evaluated for the 2016 list were mostly held by users in North America and Western Europe.

Just over 10% of people use at least one of the 25 worst passwords on this year's list, with nearly 4% of people using the worst password, 123456.

SplashData offers three simple tips to be safer from hackers online:

* Use passwords of eight characters or more with mixed types of characters.

* Avoid using the same username/password combination for multiple websites.

* Use a password manager to organize and protect passwords, generate random passwords, and automatically log into websites.

Get started for FREE today

Prior Worst Password Lists:

Worst Passwords of 2015

Worst Passwords of 2014

Worst Passwords of 2013

Worst Passwords of 2012

facebook social icon
twitter social icon
linkedin social icon
Enhance your password security

The best software to generate and have your passwords managed correctly.

TeamPassword Screenshot
Recommended Articles
Lock, credit cards, and keyboard

Cybersecurity

March 11, 20246 min read

Cybersecurity for Financial Services | The Ultimate Guide

With frequent threats and scams on the rise, it is important to know how to strengthen cybersecurity for ...

Woman looking at computer screen and waiving to a remote team of co-workers in a video call.

Password Management

March 8, 202410 min read

Mastering Team Collaboration: The Role of Password Management in Remote Work

Team collaboration in remote work is more than video calls and shared documents. It's also about accessing the ...

Brave browser logo on 3D background

Password Management

March 4, 20249 min read

Brave Password Managers: A guide to compatible extensions and password managers

Brave is an excellent browser for privacy-conscious users, but its built-in password manager is no paragon of functionality. ...

The Password Manager for Teams

TeamPassword is the fastest, easiest and most secure way to store and share team logins and passwords.