SplashData compiles over 5 million passwords, that have leaked online, from 2018. From that data, they are able to build a list of the top 25 most used passwords of 2018. The sad part? The top two passwords have been the same top two passwords for five years now. No one should ever use "123456" or "password" and yet millions of people do.
We will note that several of the top 25 passwords are repeats from previous years, though their use has varied from year to year. One upside to all this data? There are a few new passwords on the list.
Sorry, Mr. President, but this is not fake news – using your name or any common name as a password is a dangerous decision. Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online because they know so many people are using those easy-to-remember combinations. Our hope by publishing this list each year is to convince people to take steps to protect themselves online,” Slain said. “It’s a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year.
- Morgan Slain, CEO of SplashData
This list is to help raise awareness for internet users on adapting better security measure, like stronger passwords. Strong passwords do not guarantee better online safety, but they do increase it. If you use a password that is on this list, you are just asking to be hacked.
1. 123456 - Unchanged 2. password - Unchanged 3. 123456789 - Up 3 from 2017 4. 12345678 - Down 1 from 2017 5. 12345 - Unchanged 6. 111111 - New for 2018 7. 1234567 - Up 1 from 2017 8. sunshine - New for 2018 9. qwerty - Down 5 from 2017 10. iloveyou - Unchanged 11. princess - New for 2018 12. admin - Down 1 from 2017 13. welcome - Down 1 from 2017 14. 666666 - New for 2018 15. abc123 - Unchanged 16. football - Down 7 from 2017 17. 123123 - Unchanged 18. monkey - Down 5 from 2017 19. 654321 - New for 2018 20. !@#$%^&* - New for 2018 21. charlie - New for 2018 22. aa123456 - New for 2018 23. donald - New for 2018 24. password1 - New for 2018 25. qwerty123 - New for 2018
Password managers are great for everyone. They can help generate stronger passwords and keep track of them for you. But, many password managers do more than that. 1Password is our prefered password manager, but Lastpass work great too! Both of these programs can also double as a digital safe box too.
First off, you should already be using one. If not, then you need to get one. You should be storing all of your usernames and passwords for all of your online accounts in a password manager. No two passwords should be the same. Additionally, you should be storing all of your "truthful" security question answers as well.
Your online passwords and answers are not the only thing you can and need to keep secure. You can store Wi-Fi passwords in your password manager too. Here some additional items, not a complete list, you can store in your password manager:
This list is not all encompassing. But, they can give you an idea of all the ways you can use your password manager to store important information.
Undoubtedly, some of the passwords for you accounts will be for accounts others in your household will need to use. Router credentials, the account for utilities, maybe even Netflix login information. Sharing this information is important, especially when you use long complex passwords. Here are the basics of sharing information in Lasspass and 1Password:
When signing up for online bank accounts, new email addresses, or health insurance accounts, they all ask you or force you into using security questions to add an extra layer of protection to your account. The problem is that most these security questions are not very secure. The most common question is "Your mother's maiden name" and one that is easy to guess or research. In fact, if someone gains the correct access to your personal information, it can affect you credit score.
With that, we urge everyone to take matters into your own hands and make security questions more secure. How do you do that? Well, security questions often ask you questions about your life. This is information anyone can potentially figure out from your social media accounts or data breaches, like the Equifax hack. With all of that data online, figuring out the first car you bought, street you lived on when you were a kid, or favorite hobby can be easy. Basically, answering truthfully is a bad idea. Below is the best suggestion to make security questions more secure for you.
Seriously, just flat our lie on the answers. First car? List your favorite plane, boat, or motorcycle. First grade teacher? Use the name of your favorite pet or the most disagreeable phrase to describe your first grade teacher, like garbage dump. The point is, as long as the data is not common knowledge, something not searchable online or via your social media, it's a good answer. Incorrect answers are inherently more secure than truthful answers.
Here's the problem with using incorrect answers, it can be hard to keep track of all of those answers. We use 1Password to store all our passwords and security answers here in our daily lives. A password manager is an essential tool in today's world, assisting you in storing all of you passwords securely and helping you to create more secure passwords. Honestly, if you have a password manager, have it generate your "incorrect" security question answers. #$Adke@A is a much harder answer to guess than Jennifer, even though neither are the actual name of your high school prom date.
But what about security questions that have canned answers? Well, you still lie! Just note those answers in your password manager. If they give you an option to create a custom answer in addition to canned answers, then choose that option and create your random answer.
Stay safe out there!