And the most common passwords in 2019 are...

[Aragorn]

NordPass has made a list of the top 200 most commonly-used passwords that were leaked in 2019 data breaches. You can go to their site to see them all. Here are the top 30.

1. 12345 (2812220 count)
   
2. 123456 (2485216)
3. 123456789 (1052268)
4. test1 (993756)
5. password (830846)
6. 12345678 (512560)
7. zinch (483443)
8. g_czechout (372278)
9. asdf (359520)
10. qwerty (348762)
11. 1234567890 (329341)
12. 1234567 (261610)
13. Aa123456. (212903)
14. iloveyou (171657)
15. 1234 (169683)
16. abc123 (150977)
17. 111111 (148079)
18. 123123 (145365)
19. dubsmash (144104)
20. test (139624)
21. princess (122658)
22. qwertyuiop (116273)
23. sunshine (107202)
24. BvtTest123 (106991)
25. 11111 (104395)
26. ashley (94557)
27. 00000 (92927)
28. 000000 (92330)
29. password1 (92009)
30. monkey (86404)

SplashData has a different Top 100 list. Here is their top 30.

1. 123456
2. 123456789
3. qwerty
4. password
5. 1234567
6. 12345678
7. 12345
8. iloveyou
9. 111111
10. 123123
11. abc123
12. qwerty123
13. 1q2w3e4r
14. admin
15. qwertyuiop
16. 654321
17. 555555
18. lovely
19. 7777777
20. welcome
21. 888888
22. princess
23. dragon
24. password1
25. 123qwe
26. 666666
27. 1qaz2wsx
28. 333333
29. michael
30. sunshine

 

[Santaman]

*Sighs and changes the codes on his luggage...*

 

[Owain Taggart]

You'd think people would be more creative. But I guess creativity doesn't enter the equation for most people.

 

[Q2UnME]

I've been using 16 character (or more) passwords for a few years now. Hard to hack, but also a pain to remember ...

 

[Mr. Laser Beam]

It boggles the mind that more people don't use password managers. Like this one. Then none of this would happen.

 

[Stephen!]

Perhaps they'll phase out static passwords eventually and replace with OTP for everything. https://en.wikipedia.org/wiki/One-time_password

 

[Jayson1]

You'd think people would be more creative. But I guess creativity doesn't enter the equation for most people.

It isn't about creativity. More about having something easy to remember. Jason

 

[Locutus of Bored]

It isn't about creativity. More about having something easy to remember.

Jayson, I regret to inform you that THEY have got your password, bud:

30. monkey (86404)

 

[Owain Taggart]

It isn't about creativity. More about having something easy to remember. Jason

Easy-to-remember doesn't cut it these days, unfortunately.

 

[think]

It boggles the mind that more people don't use password managers. Like this one. Then none of this would happen.

Ok a random google password exactly transcribed between my desktop win 10 and my iPad 2 mini doesn’t work because certain characters that represent the same character in one is mapped to ascii differently enough to have it not unlocked my google account,, I have come to accept this fact and have to use less special characters in a password I design,..not the random generated password,.. special characters don’t work between machines..

I am really fed up with passwords and usually use something like a terminator quote = “fuck you asshole” with numbers, as being a way to vent my extreme frustration with the number of times people I give free email addresses to my friends, with development problems where first, the password selection is maddeningly difficult and having the password again a month later when they think to check their email and can’t find the piece of paper with said password and as well don’t know their email address,, as most likely they never wrote it down or lost the paper by the next time they washed their clothes It was in,. Leaving us to create a new account and all that we had done only to make yet another account a month later and then after a few more times it becomes useless to even try for them,,..over and over..

And all is wasted,, this btw is not a person but a group of people some of them we started with learning the alphabet or adding and subtracting that usually progress is very slow requiring saint like patience.. ..

I love this work I did, I have moved on mostly but un-justified wasted time is sad on something like a password for my older friends,..

 

[Amaris]

I use a password manager, but not the password part. I just write down all of my passwords in it because the database is encrypted.
I fill in my passwords myself so that I don't become overly dependent upon a manager to remember them all for me.

 

[Ar-Pharazon]

Remember when all sites prevented the use of "special" characters? Now some site require "special" characters, while others still don't allow them.

I can't remember that shit. And I won't trust a password manager. They probably have backdoors that let the developers get in and steal your damn passwords.

 

[Amaris]

Remember when all sites prevented the use of "special" characters? Now some site require "special" characters, while others still don't allow them.

I can't remember that shit. And I won't trust a password manager. They probably have backdoors that let the developers get in and steal your damn passwords.

I use Keepass. The database is encrypted with the SHA-256 algorithm. It's free and open source.

https://keepass.info

 

[Ar-Pharazon]

I use Keepass. The database is encrypted with the SHA-256 algorithm. It's free and open source.

https://keepass.info

The free apps are the ones I would trust the least

 

[Amaris]

The free apps are the ones I would trust the least

Open source apps are your best bet. Unlike closed software, they can be closely examined for flaws and bugs, and those bugs patched. Remember, they're not freemium, these are open source.

 

[Mr. Laser Beam]

They probably have backdoors that let the developers get in and steal your damn passwords.

No, they don't.

In any case, what's the alternative? If you write your passwords down, somebody could find them. And reusing the same password across multiple sites is obviously not safe either. So a password manager is the only reasonable, logical solution to the problem.

That said, password managers offer other benefits than just storing and generating passwords. I use 1Password not only for my actual passwords, but also to keep track of my credit cards (it reminds me when they are about to expire), my driver's license and passport (ditto), reward programs (hotels, air miles, grocery stores, etc.), secure storage of documents, that type of thing.

In the end, though, it all boils down to this: The most secure password is one that you don't know. It can't be guessed, and you can't be tricked into giving it up. And that's only possible with the use of a password manager.

 

[TEACAKE'S PLEATHER DOME]

I will proudly and stupidly say I've been using the same password for 20 years

 

[tharpdevenport]

Mr. Burns: "People are idiots"

 

[bigdaddy]

Are that many people named Ashley?

 

[Ar-Pharazon]

No, they don't.

In any case, what's the alternative? If you write your passwords down, somebody could find them. And reusing the same password across multiple sites is obviously not safe either. So a password manager is the only reasonable, logical solution to the problem.

That said, password managers offer other benefits than just storing and generating passwords. I use 1Password not only for my actual passwords, but also to keep track of my credit cards (it reminds me when they are about to expire), my driver's license and passport (ditto), reward programs (hotels, air miles, grocery stores, etc.), secure storage of documents, that type of thing.

In the end, though, it all boils down to this: The most secure password is one that you don't know. It can't be guessed, and you can't be tricked into giving it up. And that's only possible with the use of a password manager.

Even if I "wrote" them down, it would be in an Excel sheet or something that nobody else would get their hands on.

I do use the same P/W everywhere, but change it every 90 days when my work one needs changing. It's just a matter of remembering which places I had to use the special character. Once I've logged in, my browser remembers it (again, nobody else uses either of my computers).