What Are the Worst Passwords of 2017?
The more things change, the more they stay the same.
2018 kicked off with news of a massive security threat that’s been called “chipocalypse”—no, not a potato shortage—security flaws found in Intel chips, as reported by Google Project Zero. Yet, for the fourth straight year, the top spots (#1 and #2) in the annual worst passwords of the year list issued by password management company SplashData are unchanged. People apparently still use “123456” and “password.”
Compiled from more than five million passwords leaked during the year, here are the top twenty commonly hacked passwords from SplashData’s list of the 100 worst passwords of 2017:
Disney-Lucasfilm’s “Star Wars: The Last Jedi” was an indisputable blockbuster at the box office during the 2017 holiday period, which, while inspired fans, contributed to an entry into the top 20 most hacked passwords. “Starwars” the password came in at #16. Some references are easy to remember, but when it comes to security for your accounts and devices, heed the advice General Leia Organa gave to Poe Dameron in "The Last Jedi": “Poe, get your head out of your cockpit. There are things that you cannot solve by jumping in an X-wing and blowing something up!”
Two-factor or multi-factor authentication is a frequently recommended precaution that adds an extra layer of security, especially when it comes to sensitive data such as email, financial accounts, and health records. Unfortunately, when it comes to authenticating identity, many users still choose passwords, passphrases, and PINs that are too easy to guess. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words,” said Morgan Slain, CEO of SplashData.
The National Institute of Standards and Technology (NIST), a non-regulatory federal agency within the U.S. Department of Commerce, issued new security guidelines during 2017. It turns out that passwords with a combo of characters, such as numbers, uppercase and lowercase letters, and symbols may not be as helpful as previously thought.
What makes a good password? Password length, according to the NIST appendix, is a primary factor in password strength. Another recommendation is to compare your passwords against a password “black list.”
What are the odds your passwords will be hacked?
“Never tell me the odds!” - Han Solo