A weak password can bring down even the strongest of your practice’s computer security defenses. Passwords are the cornerstone of all modern computer security practices. Because of that, they are one of the most highly sought after targets for attackers. When breaches occur, attackers often post the account information they steal online or on Dark Web sites for sale. Security researchers compile these lists of accounts and find out what users have actually chosen for their passwords. The results are often very shocking and disappointing. This is why we can’t have nice things. Here are the top 200 weak passwords for 2019, as chosen by real users.
Top 200 weak passwords for 2019
Click here for the entire list| 1. | 12345 | 2812220 |
|---|---|---|
| 2. | 123456 | 2485216 |
| 3. | 123456789 | 1052268 |
| 4. | test1 | 993756 |
| 5. | password | 830846 |
| 6. | 12345678 | 512560 |
| 7. | zinch | 483443 |
| 8. | g_czechout | 372278 |
| 9. | asdf | 359520 |
| 10. | qwerty | 348762 |
| 11. | 1234567890 | 329341 |
| 12. | 1234567 | 261610 |
| 13. | Aa123456. | 212903 |
| 14. | iloveyou | 171657 |
| 15. | 1234 | 169683 |
| 16. | abc123 | 150977 |
| 17. | 111111 | 148079 |
| 18. | 123123 | 145365 |
| 19. | dubsmash | 144104 |
| 20. | test | 139624 |
| 21. | princess | 122658 |
| 22. | qwertyuiop | 116273 |
| 23. | sunshine | 107202 |
| 24. | BvTest123 | 106991 |
| 25. | 11111 | 104395 |
| 26. | ashley | 94557 |
| 27. | OOOOO | 92927 |
| 28. | OOOOOO | 92330 |
| 29. | password1 | 92009 |
| 30. | monkey | 86404 |
| 31. | livetest | 83677 |
| 32. | 55555 | 83004 |
| 33. | soccer | 80159 |
| 34. | charlie | 78914 |
| 35. | asdfghjkl | 77360 |
| 36. | 654321 | 76498 |
| 37. | family | 76007 |
| 38. | michael | 71035 |
| 39. | 123321 | 69727 |
| 40. | football | 68495 |
| 41. | baseball | 67981 |
| 42. | q1w2e3r4t5y6 | 66586 |
| 43. | nicole | 64992 |
| 44. | jessica | 63498 |
| 45. | purple | 62709 |
| 46. | shadow | 62592 |
| 47. | hannah | 62394 |
| 48. | chocolate | 62325 |
| 49. | michelle | 61873 |
| 50. | daniel | 61643 |
| 51. | maggie | 61445 |
| 52. | qwerty123 | 59782 |
| 53. | hello | 59125 |
| 54. | 112233 | 58745 |
| 55. | jordan | 58698 |
| 56. | tigger | 57167 |
| 57. | 666666 | 56801 |
| 58. | 987654321 | 56653 |
| 59. | superman | 56113 |
| 60. | 12345678910 | 55414 |
| 61. | summer | 55403 |
| 62. | 1q2w3e4r5t | 55318 |
| 63. | fitness | 55095 |
| 64. | bailey | 54405 |
| 65. | zxcvbnm | 53307 |
| 66. | fuckyou | 52997 |
| 67. | 121212 | 52684 |
| 68. | buster | 51495 |
| 69. | butterfly | 51413 |
| 70. | dragon | 50640 |
| 71. | jennifer | 50602 |
| 72. | amanda | 50560 |
| 73. | justin | 50294 |
| 74. | cookie | 49712 |
| 75. | basketball | 49556 |
| 76. | shopping | 49085 |
| 77. | pepper | 48564 |
| 78. | joshua | 48230 |
| 79. | hunter | 47430 |
| 80. | ginger | 47404 |
| 81. | matthew | 47207 |
| 82. | abcd1234 | 47064 |
| 83. | taylor | 46353 |
| 84. | samantha | 46353 |
| 85. | whatever | 46339 |
| 86. | andrew | 46083 |
| 87. | 1qaz2wsx3edc | 45643 |
| 88. | thomas | 45317 |
| 89. | jasmine | 45190 |
| 90. | animoto | 44940 |
| 91. | madison | 44183 |
| 92. | 0987654321 | 44175 |
| 93. | 54321 | 43912 |
| 94. | flower | 43696 |
| 95. | Password | 43430 |
| 96. | maria | 43177 |
| 97. | babygirl | 43037 |
| 98. | lovely | 42897 |
| 99. | sophie | 42889 |
| 100. | Chegg123 | 42542 |
| 101. | computer | 42531 |
| 102. | qwe123 | 42478 |
| 103. | anthony | 42427 |
| 104. | 1q2w3e4r | 42242 |
| 105. | peanut | 42143 |
| 106. | bubbles | 42142 |
| 107. | asdasd | 42096 |
| 108. | qwert | 41948 |
| 109. | 1qaz2wsx | 41840 |
| 110. | pakistan | 41798 |
| 111. | 123qwe | 41602 |
| 112. | liverpool | 41272 |
| 113. | elizabeth | 41268 |
| 114. | harley | 41084 |
| 115. | chelsea | 40499 |
| 116. | familia | 39996 |
| 117. | yellow | 39726 |
| 118. | william | 39702 |
| 119. | george | 39270 |
| 120. | 7777777 | 39071 |
| 121. | loveme | 38797 |
| 122. | 123abc | 38501 |
| 123. | letmein | 38353 |
| 124. | oliver | 38269 |
| 125. | batman | 37973 |
| 126. | cheese | 37956 |
| 127 | banana | 37910 |
| 128. | testing | 37881 |
| 129. | secret | 37784 |
| 130. | angel | 37764 |
| 131. | friends | 37741 |
| 132. | jackson | 37731 |
| 133. | aaaaaa | 37568 |
| 134. | softball | 37556 |
| 135. | chicken | 37250 |
| 136. | lauren | 37151 |
| 137. | andrea | 36940 |
| 138. | welcome | 36723 |
| 139. | asdfgh | 36597 |
| 140. | robert | 35654 |
| 141. | orange | 35594 |
| 142. | Testing1 | 35389 |
| 143. | pokemon | 35293 |
| 144. | 555555 | 35128 |
| 145. | melissa | 35045 |
| 146. | morgan | 34829 |
| 147. | 123123123 | 34721 |
| 148. | qazwsx | 34436 |
| 149. | diamond | 34422 |
| 150. | brandon | 34227 |
| 151. | jesus | 34220 |
| 152. | mickey | 34180 |
| 153. | olivia | 34110 |
| 154. | changeme | 33940 |
| 155. | danielle | 33781 |
| 156. | victoria | 33770 |
| 157. | gabriel | 33679 |
| 158. | 123456a | 33562 |
| 159. | 0.00000000 | 33417 |
| 160. | loveyou | 33306 |
| 161. | hockey | 33091 |
| 162. | freedom | 33047 |
| 163. | azerty | 32881 |
| 164. | snoopy | 32792 |
| 165. | skinny | 32682 |
| 166. | myheritage | 32619 |
| 167. | qwerty1 | 32560 |
| 168. | 159753 | 32365 |
| 169. | forever | 32115 |
| 170. | iloveu | 32043 |
| 171. | killer | 31879 |
| 172. | joseph | 31852 |
| 173. | master | 31667 |
| 174. | mustang | 31619 |
| 175. | hellokitty | 31458 |
| 176. | school | 30905 |
| 177. | Password1 | 30871 |
| 178. | patrick | 30821 |
| 179. | blink182 | 30756 |
| 180. | tinkerbell | 30739 |
| 181. | rainbow | 30726 |
| 182. | nathan | 30489 |
| 183. | cooper | 30457 |
| 184. | onedirection | 30388 |
| 185. | alexander | 30078 |
| 186. | jordan23 | 29874 |
| 187. | lol123 | 29832 |
| 188. | jasper | 29813 |
| 189. | junior | 29502 |
| 190. | q1w2e3r4 | 29368 |
| 191. | 222222 | 29362 |
| 192. | 11111111 | 29291 |
| 193. | benjamin | 29288 |
| 194. | jonathan | 29279 |
| 195. | passw0rd | 29267 |
| 196. | 0123456789 | 29110 |
| 197. | a123456 | 29103 |
| 198. | samsung | 29073 |
| 199. | 123 | 29068 |
| 200. | love123 | 29064 |
How as this list made?
NordVPN, a popular virtual private networking (VPN) service, compiled this list from dozens of reported breaches in 2019. They compared all of the data from these breaches and found common passwords that many people were using. The database itself contains over 500 million passwords in total.
In the first half of 2019, more than 4 BILLION records were exposed or stolen because of data breaches. In December of this year, a security researcher found a further billion passwords that were unencrypted stored in an insecure database. This database was live on the internet.
Breaches are common and it’s usually a matter of when rather than if.
What makes a password weak or strong?
Weak passwords are those that are easy for an attacker to break. These include the passwords in the list above. All of these have the same characteristics. These include:
- Passwords less than 8 characters long
- Not using both upper and lower letters
- Not using numbers
- Using common or easily guessed passwords – if it’s in the English language, you shouldn’t be using it
Another bad habit many users have is to use the same password on many different websites or computers. The password is easy to remember so it makes using it everywhere easier. However, once a weak password is compromised, the attacker can use that password to gain access to all the accounts that the password was used on. Using a unique password for every website, account, phone, etc. is critical.
We have written an extensive page on how to create strong passwords that can be read here. However, for a quick and dirty explanation, try this method. Choose 4 or more random words together. For example:
horse carrot thermometer pipe
That password is 26 characters long. If you added a number, capitalized one of the letters, and added a special character, you would have a very strong password that is virtually impossible to break. It’s also easy to remember.
One of the best ways to ensure you always use strong passwords is with a password manager. LastPass is an example of a free password manager that is very easy to use. LastPass will generate unique passwords for each of your online accounts and make them completely random. This ensures that you aren’t using the same password over and over again. It also makes sure you are creating very strong and unbreakable passwords. LastPass stores your passwords in an encrypted database that even it can’t access.
LastPass is free and can be found here.
[DISPLAY_ULTIMATE_SOCIAL_ICONS]