123456 Still The Most Common Password For 2015

Find your website's Achilles' Heel


So sadly, but also unsurprisingly ‘123456’ is still the most common password for 2015 (based on leaked password lists) the same as it was in years before, e.g. The 25 Worst Passwords Of 2013 – “password” Is Not #1.

123456 Still The Most Common Password For 2015

Way back in 2006, it clocked in at number 5 in a rather UK centric look at passwords. Interestingly, back in 2006 a weaker version of the same password was number 1, I think 6 digit password requirements hadn’t become commonplace yet.

SplashData has announced the 2015 edition of its annual “Worst Passwords List” highlighting the insecure password habits of Internet users. “123456” and “password” once again reign supreme as the most commonly used passwords, as they have since SplashData’s first list in 2011, demonstrating how people’s choices for passwords remain consistently risky.

In SplashData’s fifth annual report, compiled from more than 2 million leaked passwords during the year, some new and longer passwords made their debut – perhaps showing an effort by both websites and web users to be more secure. However, the longer passwords are so simple as to make their extra length virtually worthless as a security measure.

The top 10 most commonly used passwords for 2015:

1. 123456
2. password
3. 12345678
4. qwerty
5. 12345
6. 123456789
7. football
8. 1234
9. 1234567
10. baseball

And as you can see this year, 8 characters minimums must have become a thing with 12345678 clocking in at 6th place.

You’d think with all the massive, extremely messy, public hacks that have taken place – people would have wised up a little. But then I always forgot the number of stupid people is a constant, so the more people come on-line or use computers, the greater the absolute number of idiots there are.

The only thing I’m glad about is that football is more popular than baseball.

As for preventing this, use a password generator (preferably the one inside your password manager, because you are using a password manager right?), use separate passwords per site (easier with a password manager), don’t use predictable passwords (yourname, yourname1 etc for each different site).

Source: SplashData


Posted in: Password Cracking

, , , , , , , ,

Recent in Password Cracking:
- IGHASHGPU – GPU Based Hash Cracking – SHA1, MD5 & MD4
- SamParser – Parse SAM Registry Hives With Python
- RWMC – Retrieve Windows Credentials With PowerShell

Related Posts:

Most Read in Password Cracking:
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,476,987 views
- Password Cracking Wordlists and Tools for Brute Forcing - 590,311 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 436,547 views

Get protected with Sucuri


3 Responses to 123456 Still The Most Common Password For 2015

  1. Bruno January 21, 2016 at 11:00 pm #

    This kind of news does not surprise me, and that is right, this number of people is a constant, so there is difficult to prevent this.

    “The only thing I’m glad about is that football is more popular than baseball.”

    That is right! :) Me too!

  2. Dan January 24, 2016 at 8:49 pm #

    I would expect the main cause of these simple passwords to be from bots signing up on websites to post spam.

    • Darknet January 25, 2016 at 4:27 pm #

      Nope, more likely humans, bots can use complex passwords and ‘remember’ them because they are state aware computer programs.