SplashData has released their latest annual report on the most commonly used passwords.  Unfortunately, the more things change, the more they stay the same.

By now, everyone knows that the number of hacking attempts and high-profile data breaches is on the rise. Everyone has heard, on more than one occasion, how important it is to not use the same password across multiple web properties, to enable two-factor authentication if and where it is offered and to use passwords that contain a combination of letters, numbers, and symbols in order to make them more difficult to crack.

Although these are things that everyone knows, the wisdom embedded in the advice above often goes unheeded. According to the data collected by aggregating passwords leaked in data breaches over the past year, the most commonly used password for 2017 is “123456,” followed closely by the ubiquitous “password.”  These are unchanged from last year.

The rest of the top 25 list contains a mix of the old and the new, including:

12345678

Qwerty

12345

123456789

Letmein

1234567

Football

Iloveyou

Admin

Welcome

Monkey

Login

Abel123

Starwars

123123

Dragon

Passw0rd

Master

Hello

Freedom

Whatever

Qazwsx

And Trustno1

If you make use of any of these passwords, we urge you to change them immediately. As important as data security is and as much as is at stake, you’re putting yourself, your friends and your co-workers at grave risk by using such easily cracked passwords.

SplashData’s CEO Morgan Slain had this to say on the topic:

“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use. Hackers are using common terms from pop culture and sports to break into accounts online because they know how many people are using those easy-to-remember words.”