Enhance your password security.

Get Started
CTA icon
Ask more questions text between two clocks

Q&A On Our Worst Password List

January 20, 20164 min read

We always get lots of questions about our annual Worst Passwords List, so I thought I'd tackle some of these questions here.

What exactly are these 25 Worst Passwords? How do you collect passwords?

Technically, these are the most common 25 passwords we found from our searches of public posts or "dumps" of plain text (rather than hashed or encrypted) passwords posted on a wide variety of sites on the Internet during the calendar year 2015. We found over 2 million such passwords in 2015 from our searches. Most of these password dumps would be from hacks, breaches, or leaks of password databases on servers supporting consumer web sites. We make an effort to ensure these are unique passwords (so we are not double counting the same posts from different sources).


 

Why are these the "Worst Passwords"?

We call them the "worst passwords" because when it comes to password security, using a popular password is a very bad thing. Since the most popular passwords are so common, these popular passwords would be among the very first tried by any hacker or malicious "cracking" program. When you choose a password, you want something unique, complex, and unusual, and you want to make sure you use different passwords for different sites.


 

How popular are the 25 Worst Passwords?

We estimate about 3% of people are using these 25 worst passwords, which is consistent with our prior samples, but the trend does seem to point toward a smaller percentage of people using them each year


 

Why do you publish the Worst Password list?

We're trying to educate people about the risks of choosing convenient but weak passwords. We want to encourage people to use longer, stronger, more complex passwords or passphrases. We also want to encourage people to use different passwords for different websites. And obviously we know that once people start following these better practices, they are more likely to follow security experts' recommendations and use a password manager like our SplashID for consumers and TeamsID for organizations and families.


 

How long have you been researching Worst Passwords?

Over 5 years, dating all the way back to 2011


 

Do you have other information about your research?

Yes, you can get our free ebook on results from our 5 years of researching common passwords


 




Of the two million leaked passwords the 2015 list is sourced from, were there any sites in particular that provided a large percentage? Are adult sites included?


There is a pretty wide variety of sites represented with no one leak representing a large portion of the sample. We make an effort to exclude adult sites since those tend to be overweighted in leaks, and the kinds of passwords people use on adult sites tend to be different from passwords they use on other sites (i.e., a lot more naughty!).





How has the importance of an individual password evolved as people's information is increasingly exposed as a result of attacks on corporate databases outside of their control?


Since exposure is constantly increasing -- more sites being hacked, more passwords at risk -- what's becoming more and more important over time is to use different passwords for different sites. It's almost inevitable that some of your logins somewhere will be exposed. You just want to make sure that exposure doesn't have a cascading effect on your other logins, especially at more valuable sites and services (e.g., email and financial services).

To learn more about our insights from these studies, click here to download our new eBook, Worst Passwords: What We Have Learned From Five Years of Studying the Internet's Most Commonly Used Passwords


 


 


 

Get started for FREE

facebook social icon
twitter social icon
linkedin social icon
Enhance your password security

The best software to generate and have your passwords managed correctly.

TeamPassword Screenshot
Recommended Articles
Keeper logo in front of other popular password manager logos

Password Management

March 24, 20249 min read

Top 7 Keeper Alternatives for 2024

Looking for Keeper alternatives? Here, we break down some of the top password manager tools for keeping your ...

Robot sitting at computer learning to code

Cybersecurity

March 19, 20247 min read

Machine Learning for Cybersecurity | Cybersecurity Trends 2024

Did you know you can use machine learning for cybersecurity? Come learn our best practices for machine learning ...

Lock, credit cards, and keyboard

Cybersecurity

March 11, 20246 min read

Cybersecurity for Financial Services | The Ultimate Guide

With frequent threats and scams on the rise, it is important to know how to strengthen cybersecurity for ...

The Password Manager for Teams

TeamPassword is the fastest, easiest and most secure way to store and share team logins and passwords.