Last Updated on February 20, 2022
A good hacker can crack a simple password within minutes. This list compiles several years’ worth of most common passwords for an ultimate hacker’s delight: make sure you never use one of the dangerous passwords on this list for anything you hope to keep secure!
Each year, computer security experts release a list of the previous year’s most common — and thereby, most dangerous passwords.
Here, for example, are the top 20 most common passwords used in 2012. Google searches can easily turn up similar results for earlier years. It’s amazing how little some things change year after year. That said, occasionally changes do occur: in 2012, for example, even “Jesus” made the list.
I decided to compare lists for the past four years, then determine which passwords appear on at least three of the four lists. And I found eight of them that were in the top 20 most commonly-used passwords in 2009, 2010, 2011 and 2012. So my best advice is this: if you’re using a password that made this list, you’re practically asking to be hacked: pick something else!
17 Dangerous Passwords You Should Definitely Avoid
1. password
This one was at the top of the list in 2011 and 2012. It satisfies one basic tip from IT security professionals: it’s eight characters long. It’s also the most obvious password and likely the first one someone’s going to try if they want to get into your account.
2. 123456
Number progressions take several slots on this list, varying in length, but most have sequential order in common. Though experts insist your password should be at least eight characters, this six-character version has been the second most common password for two years now.
3. 12345678
Here’s the eight-character version. It has remained the third most common password for two years.
4. abc123
Pretty simple, right? Unfortunately, that means pretty simple for someone else to guess.
5. qwerty
This word represents the first six letters on a standard American keyboard and is also the name of the key layout for such keyboards. It’s also a risky password because of its commonness.
6. monkey
I’m not sure why, when it comes to animals, the monkey gets all the password love. Maybe it’s because no one knows how to spell orangutan.
7. iloveyou
It’s a sweet sentiment, but you won’t love it if you’re using this password for, say, your bank account and a hacker gets in.
8. 1234567
If the six- and eight-digits version of this password are so common, a seven-digit version might at least delay the inevitable for a few seconds.
9. letmein
It’s clever, but three of the past four years, it’s been on the list of common passwords…so maybe it isn’t so clever after all.
10. dragon
No idea why this one’s so popular.
11. 111111
This one satisfies one simple suggestion of experts: to create a password that’s easy to remember. Unfortunately, it ignores nearly every other suggestion, including not making your password all the same character.
12. baseball
It is America’s pastime, after all.
13. trustno1
You should definitely trust no one when your password is this easy to guess.
14. sunshine
Well, hello, sunshine. You’re about to be hacked.
15. shadow
The Shadow knows this is too simple a password for you to rely on.
16. ashley
You might expect Rhett Butler to be angry about this, but when we asked him, he told us he frankly didn’t give a damn.
17. michael
Michael? Hmmm. Who is this Michael and why has he made the list for three out of the last four years? Inquiring minds would love to know. It may be that because Michael (and Ashley, for that matter) are fairly popular names, they may turn up on these lists because of people who use their own names (or the names of their spouses or children) as passwords, another clear no-no, say the security experts.
Your Turn:
Without giving any hints to any would-be cyber criminals, have you ever used an easily-guessable password like these? If so, what prompted you to change it to something more difficult? (Because we’re sure you did change it to something more difficult, right? Right?
markpavan Ross_Quintana – Thanks Mark 🙂
TheDarkSci patricksplace used one of them for a decade or so 😀
@DennisEckmeier TheDarkSci patricksplace I have a few I’ve used a long time, but they’re in the process of being changed! 🙂
DennisEckmeier live and learn…learn and live!!! patricksplace
@TheDarkSci DennisEckmeier patricksplace Exactly!
TheDarkSci patricksplace haha, well I stopped using it before it got on one of those lists… 😉
HeyDrWilson Thanks for the RT!
patricksplace my pleasure!
The biggest password rule I broke was using the same one over and over again. I wouldn’t say it would be easy to guess, but who knows? After that I changed to using different password, but that led to needing to keep them all written down (another password no-no) because  I clearly couldn’t remember them all.
Now I use a password that is about 12 characters long and includes upper case, lower case, numbers, and a special character when allowed.
TedtheThird Exactly my problem: it’s hard to have a unique password for every service, make each hard to guess, AND remember which everyone is.
I’m using a password management system at home (and you have to log on to my computer to even get to a point where you can reach that…) but then when I’m not at home, the chances of me remembering a random password are slimmer and slimmer.
I don’t think I’ve used any easy to guess passwords. Â I’ve certainly never used any of these.
Cathryn (aka Strange)Â I’m amazed at how obvious some of these are. And people wonder why hacking happens so often!