The Worst Passwords of 2019: It Looks Like People Learned Nothing

Cybersecurity specialists keep telling us about the importance of using strong passwords. In fact, they have been stressing it ever since passwords were invented. Sadly, numerous hacking incidents can confirm that sloppy password habits can ruin everything both for companies and regular home users. Still, it looks like the message is not getting through as the top 10 worst passwords of 2019 look almost the same as the top 10 worst passwords of 2018. If you need an example of a bad password and do not know what makes a passcode strong, we invite you to read our full report. Further, we provide a list of the worst passwords of 2019 and explain why they are weak. Also, we talk about what is a secure password and how to create strong login credentials to increase your password security.

What are the top 10 worst passwords of 2019?

SplashData, the same company that brought us the list of the worst passwords in 2018, has made a list of the weakest passwords that were used in 2019. The list was created by analyzing more than 5 million leaked passcodes that were shared among cybercriminals. It consists of one hundred passcodes that are mostly made from names, easily-guessable words, dates, and numbers in a row. However, you do not have to view them all to understand that many users still do not care about their password security. We believe it is enough to see the top 10 worst passwords of 2019. Thus, here is a list of the weakest passwords that is ideal if you need an example of a bad password:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 1234567
  6. 12345678
  7. 12345
  8. iloveyou
  9. 111111
  10. 123123

If you compare the list to the top 10 worst passwords of 2018, you should notice that 123456 still holds the first position. In truth, almost all of the top 10 worst passwords in the 2018 and 2019 lists are the same. Except for sunshine, which was replaced by 123123. For those of you who use iloveyou or any other passcode from this list, we can tell you that cybercriminals will love you too if they ever come across your accounts for making it easy to hack them. As you see, the passwords in this list are the combinations that will be tried first to access your account.

What is a secure password, and how to create it?

None of the passwords listed above can be called strong, as many of them are made from easily-guessable patterns and words. Not to mention, they have been known to cybercriminals for years. Thus, it is safe to say that users who use them are putting their cybersecurity at risk. If you do not want to do this, we encourage you to use only the combinations that are unique and strong. A unique combination is a password that has never been breached and has not been used to protect any other account. In other words, if you want to have unique passcodes, you should never reuse them.

A strong password is considered to be a combination of at least 10 or 12 characters. That is at least for now as we all know that as time goes by, cybersecurity specialists keep increasing the recommendable number of characters. Some of you might recall that at some point, a combination of six characters was considered to be enough to protect one’s account. However, now, users are advised to use not only twice as many characters but also both lower-case and upper-case letters, symbols, and numbers together. If you cannot imagine how you could create such unique and complex passwords for all of your accounts as well as remember them all, we advise employing a dedicated password manager.

Dedicated password managers can keep your passcodes safe and generate random combinations from your chosen characters and of selected length. Thus, using such software is probably one of the easiest ways to increase your password security. Of course, to make sure that your accounts are safe, even if hackers manage to brute-force your passwords or obtain them during a data breach, you should enable Two-Factor Authentication. Many websites and platforms now offer this feature, but if you do not want to use it for all of your accounts, we recommend enabling it, at least for the most important ones. For example, your email account could be linked to numerous other profiles, which is why it is advisable to take all safety precautions that your email provider can offer to ensure its security.

Why is password security important?

If you have not heard it before, information on the Internet is extremely valuable nowadays. Unfortunately, many of us share tons of personal or non-personal data every day, for example, when we create a new account or shop online, and there are many risks related to it.

In short, it is vital to ensure your password security so that no one could gain access to your accounts and misuse the information that they might be storing. If you think that no one would be interested in your data, you are wrong. Your accounts do not have to contain sensitive information like banking details for hackers to be interested in them. For instance, your personal information could be used to scam you or to impersonate you as well as for numerous other malicious purposes.

Moreover, some pieces of information might seem less significant than others, but combined, they could provide hackers what they need to attack you. Not to mention, hacking one of your accounts might provide cybercriminals with access to your other profiles. Therefore, you should care about all of your accounts equally. As already mentioned in the article, one of the best ways to protect your profiles is to ensure password security, which you can do if you avoid the listed examples of bad passwords and use unique and complex combinations instead.

All in all, it seems that many users still do not understand the risks of using weak passwords or believe that their accounts could be hacked. Of course, service providers cannot do anything as it is up to users if they want to use weak or strong passcodes. Nonetheless, we hope that more and more people will become aware of how important it is to ensure password security and that combinations like password or 123456 that provide zero protection will not appear in the list of the worst passwords of 2020.

By Foley
February 20, 2020
February 20, 2020

Leave a Reply