Are You Using One Of 2017’s Worst Passwords?


Password security may not be an exciting topic, but ignore it at your peril. There are many reasons to keep your passwords safe, and security starts with choosing the right password.


How Do I Choose A Strong Password?


We always advise you to use unique, long strings of varied characters with multiple numbers, capitals, and special characters. What does that mean in real terms? A password that looks more like l-6d-038-N-fo-M! than your mum’s maiden name.



People often use the excuse that these complex passwords are too hard to remember, especially when you should use a unique one for every service you sign in to. Thankfully, you don’t have to remember any of them, or even generate them yourself. Use services such as KeePass, iCloud Keychain, Samsung Pass or Google Smart Lock.


The bottom line is that your password is protecting your data from hackers: data that can be exploited and cause great expense to your business and yourself.


Password Policy



To protect your business, you should have a password policy in place. Larger organisations often have policies in place that stop users from using weaker passwords. Blacklists can be set up to stop certain passwords being used (such as ‘password’) and expiration dates can also be set to force users to change their passwords frequently.
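A blacklist check of the kind described above, as an added example that is not code from this article's author. It uses the 25 passwords listed in this article; the function names, the look-alike substitution table and the rule for stripping leading or trailing digits and punctuation are assumptions of this sketch.

```python
import re
import unicodedata

# The 25 passwords from this article's list, rank 1 first.
WORST_2017 = (
    "123456 password 12345678 qwerty 12345 123456789 letmein 1234567 "
    "football iloveyou admin welcome monkey login abc123 starwars 123123 "
    "dragon passw0rd master hello freedom whatever qazwsx trustno1"
).split()

# Assumed look-alike substitutions (0->o, 1->i, 3->e, 4->a, 5->s, @->a, $->s).
LEET = str.maketrans("01345@$", "oieasas")


def fold(text):
    """Normalise Unicode look-alikes (e.g. full-width letters) and case."""
    return unicodedata.normalize("NFKC", text).casefold().strip()


def canonical(text):
    """Map a string to the form used for blacklist comparison."""
    return fold(text).translate(LEET)


# Canonical form -> highest-ranked list entry that produces it.
BLACKLIST = {}
for entry in WORST_2017:
    BLACKLIST.setdefault(canonical(entry), entry)


def check_password(candidate):
    """Return (accepted, reason) for a proposed password."""
    folded = fold(candidate)
    variants = (
        folded,                                      # as typed
        re.sub(r"^[\W_]+|[\W_]+$", "", folded),      # e.g. 'abc123!'
        re.sub(r"^[\W\d_]+|[\W\d_]+$", "", folded),  # e.g. 'qwerty2017'
    )
    for variant in variants:
        hit = BLACKLIST.get(variant.translate(LEET))
        if hit:
            return False, f"matches blacklisted '{hit}'"
    return True, "not on the blacklist"


if __name__ == "__main__":
    for pw in ("123456", "P@ssw0rd", "Abc123!", "qwerty2017", "l-6d-038-N-fo-M!"):
        print(pw, check_password(pw))
```

The check only covers the blacklist part of a policy; length and uniqueness rules would sit alongside it.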


Top 25 Worst Passwords of 2017


This list comes from over 5 million leaked passwords, mainly from the USA and western Europe. If you are using any of these, go and change them. Change them now.


25. trustno1 (new)

24. qazwsx (new)

23. whatever (new)

22. freedom (new)

21. hello (new)

20. master (up 1)

19. passw0rd (down 1)

18. dragon (up 1)

17. 123123 (new)

16. starwars (new)

15. abc123 (down 1)

14. login (down 3)

13. monkey (new)

12. welcome (unchanged)

11. admin (up 4)

10. iloveyou (new)

9. football (down 4)

8. 1234567 (unchanged)

7. letmein (new)

6. 123456789 (new)

5. 12345 (down 2)

4. qwerty (up 2)

3. 12345678 (up 1)

2. password (unchanged)

1. 123456 (unchanged)


This list shows that users are complying with site requests for longer passwords and ones with numbers, which is a small step in the right direction. However, we can assume from this list that many people still don’t understand the risk of choosing a weak password.


This isn’t good news for business owners whose staff could well be using a password from this list, thus compromising data security. If you would like some advice on password policies, please do get in touch.