Internet Insecurity: The 25 Worst Passwords of 2011

by Sheryl Nance-Nash Nov 15th 2011 11:30AM
Updated Nov 17th 2011 2:49PM
Internet Insecurity: The 25 Worst Passwords of 2011You've got locks on your doors and maybe even an alarm system guarding your home. But all that stands between criminals and your bank account information is the word "password." Sound familiar? "Password," "123456" and, weirdly, "monkey" are among the 25 worst passwords of the year, according to SplashData, a private company that sells security services and password software.

SplashData compiled its list -- released Monday -- from files containing millions of stolen passwords posted online by hackers.
How often do you change your passwords?
Once a month.1500 (10.9%)
Twice a year.1621 (11.8%)
Once a year.1921 (13.9%)
I never change them.8264 (59.9%)
480 (3.5%)
And despite all the fancy technology available to hackers, when it comes to breaking and entering, they'll still go for the low-hanging fruit, starting with easy passwords like these.

Here's a tip for creating a more secure password: Make it eight characters or more, and use multiple types of characters -- upper- and lower-case letters, numbers and symbols. (For more tips, read DailyFinance's article on how to create safe, memorable passwords.)

25 Worst Passwords of the Year

1. password

2. 123456

3. 12345678

4. qwerty

5. abc123

6. monkey

7. 1234567

8. letmein

9. trustno1

10. dragon

11. baseball

12. 111111

13. iloveyou

14. master

15. sunshine

16. ashley

17. bailey

18. passwOrd

19. shadow

20. 123123

21. 654321

22. superman

23. qazwsx

24. michael

25. football


Learn about investing from the comfort of your own home.

Portfolio Basics

Take the first steps to building your portfolio.

View Course »

Investment Strategies

Learn the strategies you need to build a winning portfolio

View Course »
View All Courses

Add a Comment

Sign in »
*0 / 3000 Character Maximum

71 Comments

Filter by:
mesager42

My hubby uses the first letter of some song lyrics of whatever song he currently is into learning how to play. I tend to use lists of objects that are connected - like letters from my pets names and numbers connected with the year they were born, adopted, or died. We've had some pretty funky pet names.

I also like using completely misspelled words that are sounded out - kind of like folks use when they devise vanity license plates.

Creating passwords is really kind of fun if someone likes inventing them based upon favorite things in their lives like: foods, restaurants, vacations, friends, pets, exercises, video games, celebrties, bands, stores for shopping, clothing designers, vehicles, songs, relatives, college subjects, books, TV pundits, ex husbands, ex wives, boyfriends, girlfriends, etc...

Humans are always creating lists of things in their brains based upon preferences. Use those lists to create unique passwords.

November 24 2012 at 9:46 PM Report abuse rate up rate down Reply
Janie

There's risk in every thing we do in life, no since in worring about it, The most important thing in our life's is our monies in banks. If you check your balance regularly then your safe. We have 30 to 60 days to notify banks about fraud and in most cases for individuals we get every penny back. Businesses are a different story, they only have one day legally. But I couldn't imagine a bank not giving Donald Trump's businesses back hatched funds lost, LoL

June 08 2012 at 8:11 PM Report abuse rate up rate down Reply
cjcfleur

The only person on the face of the earth that could figure out my password is my husband, but of course he knows it. Even those closest to me could not figure it out. It is one thing to know something about a person and guess what a password might have in it, say cat, and another thing to figure out the entire thing in the right order, caps or not, numbers or not, and so on, and be able to do it in the 3-4 trys before the program throws you out. :)

April 20 2012 at 4:47 PM Report abuse rate up rate down Reply
netexas121

These are probably passwords of Republicans. Heres another, 2dumb2noit

November 21 2011 at 7:52 PM Report abuse rate up rate down Reply
1 reply to netexas121's comment
knightowl057

I wonder how the liberal's favorite "yourpaycheckbelongstome666" didn't make the list.

April 23 2012 at 5:45 PM Report abuse rate up rate down Reply
iceburner911

Thumbs up if you just changed your password to "monkey" XD

November 21 2011 at 7:40 PM Report abuse rate up rate down Reply
northlandzentai

awebuser: there is no need to change your password all the time unless you have been attacked. (Note that this comes from Security Now). The reason to change your password often is to prevent people who know it from using it. think about it though, if someone knows your password, are they going to wait 7 months or are they going to use it ASAP? All that changing your password does is give you something new to memorize.

Chess Piece Face: symbols are a good idea as they are what add entropy. In a 5 character using all lower case gives at minimum 5 bits per character, or a 25 bit string. using upper, lower, numbers and symbols gives about 7 bits per character or a 35 bit string. By saying only letters are allowed you are limiting the amount of entropy for a given length, and increasing the chance of a password being cracked. (This is also from Security Now)

November 21 2011 at 7:05 PM Report abuse rate up rate down Reply
Business Card

don't be important enough for someone to even try and guess your password to get into your stuff. problem solved.

November 21 2011 at 6:29 PM Report abuse -1 rate up rate down Reply
rkenzie247

The best password is something thats got nothing to do with you ! Look aound your office, something you see all day , or smell, and use it , I work with machinery, so I would use Musty under arms 8 ! Noone will get that one !!!

November 21 2011 at 5:48 PM Report abuse rate up rate down Reply
randy4johnson

Funny answers, anyway! Exactly like my vote...

November 21 2011 at 1:01 PM Report abuse rate up rate down Reply
Koz

I have never changed my password, cause nobody can figure it out. I have 4 depending on security level.
They have nothing to do with anytng that would be public info.
They are very personal, so a hacker would neec to know me very well.
Even my best buddy could not figure them out.

November 21 2011 at 10:07 AM Report abuse rate up rate down Reply