Skip to main content
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

Find a Lawyer

More Options

4 of the Most Common Passwords Are Also the Weakest

By Admin on December 10, 2013 | Last updated on March 21, 2019

The recent discovery of a database of stolen login credentials reveals four of the most common passwords used by consumers.

And they're very easy to guess.

A botnet called "Pony" -- a form of keylogging malware that tracks users' keystrokes -- collected 2 million usernames and passwords for accounts associated with Facebook, Twitter, Google, Yahoo, and LinkedIn, reports CNET.

What's more, security company Trustwave discovered many of the victims -- who lived in as many as 102 countries -- had some of the weakest passwords ever.

'12345' and 'Password'

So what were the most common user passwords, as revealed by the stolen-credentials database? According to CNET, they were:

  • 123456,
  • 123456789,
  • 1234, and
  • The word "Password."

Believe it or not, we're being totally serious.

Though many companies -- including Facebook, LinkedIn and Twitter -- have reset infected users' passwords, users may want to take this incident as a reminder to create more secure passwords.

Stronger Password Tips

Remember, a password is only as secure as you make it. That's why you'll want to steer clear of bad examples like, say, the United States' Cold War-era "00000000" nuclear missile code. Instead, take the following password precautions:

  • Create a unique password. A strong password is long and contains numbers, upper-and-lower case letters, and special characters like $, !, and @.
  • Use memorable phrases. The trick is to have a password that is both unique and memorable (for your sake). Try the first letters of an idiom, poem, or song you like. As Firstpost suggests, "Jack and Jill went up the hill to fetch" can magically transform into ""J&jwU2^2F."
  • Increase the length. When it comes to passwords, size matters. Craft a password that is longer than eight characters.
  • Use a password generator. If you're all tapped out of good password ideas, consider using a secure password generator.
  • Change your password often. As annoying as changing a password is, it's a necessary evil. This is because even a strong unique password can be compromised. If possible, try to change your password every 90 days.
  • Use vernacular language. If you're bilingual, take advantage of that -- but use the vernacular to thwart dictionary software used by hackers. The password "thirst" quenches your security needs as "tEsht@%22" in Bengali.

The time has come to move on from "12345" and "password." Get creative, people.

Related Resources:

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard