SplashData releases last years most used passwords…To no surprise ‘123456’ remains #1.

I’m always baffled when I ask a client for their passwords and they say “it’s easy, it’s password” or they email back stating “it’s the initials of the business name with the numbers of our mailing address”…

If you are guilty of this line of thinking or use one of the below passwords, then surely you’ve never had an account hi-jacked or spent a day trying to recover stolen or lost data. Being in the web industry, I get hired to remove malicious code from websites because a hacker has taken over a clients website, mostly due to weak login credentials. Usually I get a call on a Friday at 4pm,  just before the weekend (never fails!), from a panicked customer whose website is down because of malicious code has taken over their site.  This could have been avoided if they just created stronger passwords.

For the past few years our friends over at Splashdata have compiled the world’s most used and worse passwords people use.


2015 Most Used Passwords

Here’s the complete list. The number in brackets represents the spot it was in last years list. What’s interesting is Star Wars has made the list this year. I swear, hackers must roll over laughing at how incredibly naive the average internet user can be when choosing a password.


  1. 123456 (unchanged)
  2. password (unchanged)
  3. 12345678 (#4)
  4. qwerty (#5)
  5. 12345 (#3)
  6. 123456789 (unchanged)
  7. football (#10)
  8. 1234 (#7)
  9. 1234567 (#11)
  10. baseball (#8)
  11. [/one_third][one_third]

  12. welcome (new)
  13. 1234567890 (new)
  14. abc123 (#14)
  15. 111111 (#15)
  16. 1qaz2wsx (new)
  17. dragon (#9)
  18. master (#19)
  19. monkey (#12)
  20. letmein (#13)
  21. login (new)


  23. princess (new)
  24. solo (new)
  25. passw0rd (new)
  26. starwars (new)
  27. qwertyuiop (new)
  28. [/one_third_last]

How to create better passwords 

One good rule of thumb to follow is if you can remember your passwords, then they’re probably too easy and you should go find something better! If you have a password that resembles a model number of a dryer, like WyEDd87DW, then you’re headed in the right direction of having a better password. Just add some symbols in their to make it more fool proof. Know that you can use a 3 instead of an E, a $ instead of an S.

Last year, I wrote an article on tips to create a stronger password, and put some tips on how to create stronger passwords. If you see your password on the list above, please consider reading my suggestions as there’s free and paid software out their you can use to keep track of your passwords. If you use Google Chrome, you can download an add-on that can make logging into website very easy.


Do you use WordPress?

While WordPress is an amazing CMS to use, and has lots of free plug-ins and widgets to help small businesses to create stunning websites, there’s just one small downfall – WordPress sites are more likely to get compromised then any other CMS. Mainly because of how popular it is, and it’s free to download and use. While most WordPress hacks are used to install tracking cookies and send out billions of spam messages, and for the most part this isn’t tooharmful, it’s still a nuisance for a business owner to have to spend time or money to get the site files all cleaned up. FYI, if this happens to you, you need to clean it up; otherwise your hosting account could be filled or go over Bandwidth allotment and you can me left with a hefty bill on overage charges…


Be proactive

Take the time to install a security plug-in on your WordPress website and also start using the strong password generator to create really good passwords so that we don’t have to worry about being compromised. By following just a few simple steps, you can save yourself some stress and annoyances. Need help? Feel free to reach out to me and we can ensure you’re site and passwords don’t make it on next years worst passwords list.