skip to Main Content

How Do Your Passwords Rate? Did Yours Make the “Worst Passwords” List?

Think your passwords are secure just because you’ve never been hacked? Better think again, or at least check it against this list of “Top 100 Worst Passwords for 2018.”

So, why does it matter? For starters, you want to protect your personal information, including your email, your Tower accounts, your address and credit card number. Thanks to an explosion of personal information being stored in the cloud, and our tendency to use short passwords and reuse passwords, exploits can occur.

SplashData, a company that provides of password management applications, released its annual list in an effort to encourage the adoption of stronger passwords. Morgan Slain, CEO of SplashData, Inc., says “Hackers have great success using celebrity names, terms from pop culture and sports, and simple keyboard patterns to break into accounts online because they know so many people are using those easy-to- remember combinations.” By publishing this list each year, their hope is to convince people to take steps to protect themselves online.

Following are a few of the worst of the “worst.” Is yours on this list?

25 Worst Passwords of 2018

1. 123456
2. password
3. 123456789
4. 12345678
5. 12345
6. 111111
7. 1234567
8. sunshine
9. qwerty
10. iloveyou
11. princess
12. admin
13. welcome
14. 666666
15. abc123
16. football
17. 123123
18. monkey
19. 654321
20. !@#$%^&*
21. charlie
22. aa123456
23. donald
24 password1
25 qwerty123

So, what makes a good password?
The longer the better. While many sites and applications only require you to create passwords with a minimum of eight characters, security experts are now recommending passwords be 15+ characters long. Why? It’s because computer technology today allows hackers to run more efficient password cracking tools. Given enough time, the automated method can correctly guess any password. A simple device can crack an eight letter single-case password in five hours. However, if you use a password with 12 or more characters, it increases to 200 years!

Make it unique
Remember, the more unique, the better your account is protected. This is a good opportunity for you to be creative while making your account more secure. So, don’t be afraid to think outside of the box! The more unusual your password is, the less likely a hacker’s software will be able to detect patterns and figure out your password. Use special symbols that you’ve never used before—such as !@#$%^&*(){}[]. While you think you could get away with just replacing an “S” with a “$” or changing an “A” to “@”, hackers are already one step ahead of you and can easily pick up on these patterns.

Don‘t re-use passwords
Don’t use the same password across multiple sites or for different services you may have on the Internet, for example, using the same password for your email and your Home Banking account at Tower. If you’re using the same password on other sites, hackers may be able to log in as you on those sites as well. So, take the time to create individual passwords for every account you have.

Use a phrase
Avoid obvious and easily guessable passwords like “password” or “123456” (or anything in the above list, for that matter). Also, don’t use any information that can be gathered from your social media accounts, like pet names, e-mail addresses, names, places, etc. Try not to use words found in a dictionary. Start with a meaningful phrase, sentence, song lyric, etc. and add numbers, capital letters, and symbols for password complexity, such as: “I love watermelon because it just turns to water in your belly!” = “iLwmbcijtth2OiyB!” Who could crack that password? Even worse, how will you remember your new, more-complicated passwords?

Managing your passwords
If you have trouble remembering good passwords (everyone does, actually), let a password manager randomly generate a password for you. There are both browser password managers and app-based services. This will help you manage unique and complex passwords for all your accounts. There are a variety of free and subscription password managers that may help keep you on track and more secure.

It’s hard to believe, but many cybersecurity experts aren’t necessarily opposed to the old fashioned “paper book” for storing passwords. They reason that as long as the book doesn’t leave your home, a cybercriminal would actually have to break in to get access to your book of passwords, which defeats the objective of being a “cybercriminal.” Point taken.

Resources: Forbes, Splash Data,

Contact Us