Worst passwords of 2014

The year 2014, in many respects, was all about digital security. It wasn’t just tech pundits or early adopters who were victimized – Snapchat, Target, and Sony Entertainment all showed us that no one is immune. And don’t get me started on the NSA. It’s our responsibility as internet explorers to protect ourselves. But according to SplashData’s yearly list of the worst passwords on the internet (as compiled by more than 3 million leaked passwords from 2014), we are kind of lazy about the whole “digital security” thing. At least when it comes to properly locking the gates with a strong password.


Just take a look at the full list:

1. 123456

2. password

3. 12345

4. 12345678

5. qwerty

6. 123456789

7. 1234

8. baseball

9. dragon

10. football

11. 1234567

12. monkey

13. letmein

14. abc123

15. 111111

16. mustang

17. access

18. shadow

19. master

20. michael

21. superman

22. 696969

23. 123123

24. batman

25. trustno1


Last year, ‘password’ topped the list so I guess we can find some small progress in the fact that most people are just typing integers as their passwords as opposed to robotically typing in the worst password you could ever use. Heck, we’re even using ‘dragon,’ a symbol of strength and fiery vengeance that is, sadly, also a horrible password.


There are easy ways to handle the problem of passwords. And the blame is not entirely on you — the whole password system is flawed and messy. But there are easy steps you can take to be more secure. One is using password management software to ensure that your passwords are strong enough, updated, and securely locked down and in a place you can find them.


For folks who can’t be bothered to take that step, you can still do more. Even if your password isn’t entirely random and disconnected from you personally (which is best), you can still choose your same obvious passwords and spruce them up a bit.


You can use the placement of keys on a keyboard to do this — for example, folks who use ‘123456’ or ‘qwerty’ can simply jumble those together based on the keys, making something like ‘q1w2e3r4t5′. Want to make it easier? Take something you’ll remember: “My uncle lives in Kansas” and make it your password “MyUncleLivesInKansas” and add his street address: “MyUncleLivesInKansas207.” These long, complex passwords are actually quite difficult to hack and are easy to remember. While these won’t stop great hackers from getting into your stuff, at least you’ll be taking steps to get out of the top ten.