The Worst Passwords for 2012

Weak passwords present one of the most significant security risks for computer users worldwide yet the trend appears to go on unabated. SplashData, a U.S. based password management company, has recently released its list of the worst passwords for 2012. The list was compiled from files containing millions of stolen passwords posted online by hackers.

In a year with several high profile password hacking incidents at major sites including Yahoo, LinkedIn, eHarmony, and, SplashData’s list of frequently used passwords clearly shows that many people continue to put themselves at risk by using weak, easily guessable passwords.

  • The top three worst passwords for 2012; password, 123456, and 12345678, remain unchanged from last year’s list.
  • New entries to this year’s list include; welcome, jesus, ninja, mustang, and password1.

We’re hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites.

Here is SplashData’s worst 25 passwords of 2012 (including positions relative to 2011)

  1. password               Unchanged
  2. 123456                    Unchanged
  3. 12345678               Unchanged
  4. abc123                    Up 1
  5. qwerty                      Down 1
  6. monkey                   Unchanged
  7. letmein                    Up 1
  8. dragon                     Up 2
  9. 111111                      Up 3
  10. baseball                  Up 1
  11. iloveyou                   Up 2
  12. trustno1                   Down 3
  13. 1234567                  Down 6
  14. sunshine                 Up 1
  15. master                      Down 1
  16. 123123                    Up 4
  17. welcome                  New
  18. shadow                    Up 1
  19. ashley                      Down 3
  20. football                     Up 5
  21. jesus                        New
  22. michael                    Up 2
  23. ninja                         New
  24. mustang                  New
  25. password1              New

SplashData’s report includes the following advice to consumers and businesses:

Even though each year hacking tools get more sophisticated, thieves still tend to prefer easy targets. Just a little bit more effort in choosing better passwords will go a long way toward making you safer online.

The list does include some real doozies, and the fact that the top 3 worst passwords for 2012 are the exact same as last year certainly tends to suggest that, surprisingly, many people are still not listening. Does your password appear in the list?


4 thoughts on “The Worst Passwords for 2012”

  1. Jim, I received a funny email with two older women, and one telling the other she found a way of having the computer tell her, her password, on the rare occasion she would forget it. Get ready for it, her password was “incorrect”, Mindblower! lotfl

    1. LOL. Good one MB!!

      Then there was the man who thought he’d be smart and use the word ‘penis’ as his password. He input his new password with his wife looking on and a smirk on his face. The computer came back with the message… “Not long enough!”… his wife cracked up.

  2. Timetraveler

    Hi Jim,

    Whew! None of mine were on the list! Not sure if one or more might be on the next 25. Happy Thanksgiving!

  3. Jim Polichak

    Here’s a simple one that you’ll never forget – an old phone number from your past. Your parent’s when you were a kid? Your grandmother’s? Maybe an ex’s?
    The older the better; especially if it has the old lettered exchange >>> MUrry hill5-7578 (for example)

Comments are closed.

Exit mobile version


Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!