FileHippo News

The latest software and tech news

And so here we are fresh into 2016, almost a fifth of the way into the 21st Century. The internet and the world wide... The Worst Passwords Of 2015 Revealed: People Still Using 123456!

And so here we are fresh into 2016, almost a fifth of the way into the 21st Century.

The internet and the world wide web are a part of everyday life.

We can land a robot on a comet, and we can talk on Skype with someone speaking a completely different language and have it translated in real time. It just goes to show that as a species we’ve come a long way since we were beating ourselves over the head with clubs.



And yet despite all the glorious technological achievements of the last few years, as a species, the most common password still in use for 2015 was 123456. The second most popular password, was, well, password.  On a personal level, I now fear for the future of the human race. 

So yes, in spite of all the big news stories last year of the rise of cybercrime, and the exponential growth in hacking, people it seems are still ridiculously bad at picking an even semi-decent password.

Making a splash with the stats

That is at least according to Password Management Firm Splash Data’s analysis.  Splash Data went out there and did the research, compiling a list of over 2 million passwords that were leaked over the course of 2015.

Variations of 123456 helped keep the top 10 rounded up with numerals, with 12345678 leapfrogging qwerty to 3rd and 4th place respectively. 1qaz2wsx made a surprise new entrance at number 15 on the list. (look at your keyboard. Took me a while to get anyway.)  Dragon made a new appearance at 16 as the Game of Thrones franchise seeped ever further into popular culture.

Change your passwords today

Here’s the full list below. If anyone has a password that bears even a fleeting resemblance to what follows, it’s probably a really good idea to go and change it now…

  • 1 – 123456 (unchanged from 2014)
  • 2 – password (unchanged)
  • 3 – 12345678 (Up 1)
  • 4 – qwerty (Up 1)
  • 5 – 12345 (Down 2)
  • 6 – 123456789 (Unchanged)
  • 7 – football (Up 3)
  • 8 – 1234 (Down 1)
  • 9 – 1234567 (Up 2)
  • 10 – baseball (Down 2)
  • 11 – welcome (New)
  • 12 – 1234567890 (New)
  • 13 – abc123 (Up 1)
  • 14 – 111111 (Up 1)
  • 15 – 1qaz2wsx (New)
  • 16 – dragon (Down 7)
  • 17 – master (Up 2)
  • 18 – monkey (Down 6)
  • 19 – letmein (Down 6)
  • 20 – login (New)
  • 21 – princess (New)
  • 22 – qwertyuiop (New)
  • 23 – solo (New)
  • 24 – passw0rd (New)
  • 25 – starwars (New)

Morgan Slain, CEO of Splash Data says:

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers…As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.”

You can view the original list and analysis in a lot more detail here.