Content starts here

The 25 Worst Passwords: Is Yours on the List?

Lo Chun Kit

If you recently changed your password to “starwars” in honor of the blockbuster movie, congratulations. Your new password is among the world’s worst — or rather, one of the most hackable.

That’s according to SplashData, a password management company, which studies millions of breaches to come up with an annual list of the most common and easily exploitable passwords.

No. 1 on the list for two years in a row is “123456.” Again in second place: “password.” Other perennials on the worst list: football, baseball, letmein and qwerty — the first six letters in a row of the keyboard. “Starwars” is a newcomer to the list and came in 25th. But the movie inspired other weak passwords: “princess” at No. 21 and “solo” in 23rd place.

SplashData says someone’s password is breached every three seconds. And among those most vulnerable are people age 60 and older, women ages 30 to 45, busy CEOs and politicians, as well as sports fans using the name of their favorite sport or team as a password.

Get discounts on financial services from trusted companies — AARP Member Advantages »

SpashData’s tips for secure passwords:

  • Create passwords that are at least 12 characters long and are a mix of letters, symbols and numbers.
  • Make them easier to remember by using short words interspersed with spaces or characters in between, such as “eat cake at 8” or “car_park_city.”
  • Don’t use the same combination of username and password for multiple sites. Avoid using a favorite sport, person’s name or birthday.


Photo: Winhorse/istock

Also of Interest

See the  AARP home page for deals, savings tips, trivia and more.

Search AARP Blogs