Skip to main content

These are officially the worst passwords of 2019

The best password manager
(Image credit: Shutterstock)

SplashData has released its annual list of the most commonly-used passwords across the world, uncovering that old security habits really do die hard.

The security firm investigated over five million leaked passwords over the past twelve months, and found that many of the most common logins would be easy to guess for even the most incompetent hackers.

In perhaps the most surprising news, "password" has for the first time been knocked out of the top two spots, being replaced by the painfully simple "123456" and "123456789".

Complex

SplashData estimates almost 10 percent of people have used at least one of the 25 worst passwords on this year’s list, with nearly three percent using "123456".

The company noted that while many computer programs now prevent such simple passwords from being created in the first place, older applications and some websites lack this ability, allowing for some dangerously weak passwords. 

Among this year's new entries were “1q2w3e4r” and “qwertyuiop” - simple patterns using contiguous keys on the keyboard - however SplashData says that using such letter/number combinations will still be easy to crack.

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online, and we think these and other efforts are finally starting to pay off,” says Morgan Slain, CEO of SplashData.

“We can tell that over the years people have begun moving toward more complex passwords, though they are still not going far enough as hackers can figure out simple alphanumeric patterns.”

Here are the so-called "worst passwords of 2019"

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 1234567
  6. 12345678
  7. 12345
  8. iloveyou
  9. 111111
  10.  123123