IE 11 is not supported. For an optimal experience visit our site on another browser.

'Jesus,' 'ninja,' join 'password' as worst passwords of 2012

Hands on keyboard
Getty Images
By Suzanne Choney

The next time you're asked to create an 8-character password, don't choose "password." Despite it being the among worst possible choices, it remains the most common password used on the Internet and posted by hackers.

No. 2 and No. 3, respectively are the tried-and-true weaklings "123456" and "12345678." (Those two mean you can count — on being low-hanging fruit for hackers, that is.)

The info comes from SplashData, which makes password management applications. The company's top 25 list of the "scariest" passwords was released with Halloween as a peg, but there's no treats here for anyone, and possibly some nasty tricks.

The list was put together "from files containing millions of stolen passwords posted online by hackers," SplashData says. If you use any of the passwords on the list, you should change them immediately. Otherwise, users "of any of these passwords are most likely to be victims in future breaches," the company says.

While "password," "123456" and "12345678" remain the top three again from last year's list, newcomers include "welcome, " "jesus," "ninja," "mustang" and the brilliant "password1." 

Here's the top 25 "Worst Passwords of 2012," including their current ranking and any change from the 2011 list: 

1.  password (Unchanged)
2,  123456 (Unchanged)
3.  12345678 (Unchanged)
4.  abc123 (up 1)
5.  qwerty (down 1)
6.  monkey (unchanged)
7.  letmein (up 1)
8.  dragon (up 2)
9.  111111 (up 3)
10. baseball (up 1)
11. iloveyou (up 2)
12. trustno1 (down 3)
13. 1234567 (down 6)
14. sunshine (up 1)
15. master (down 1)
16. 123123 (up 4)
17. welcome (new) 
18. shadow (up 1)
19. ashley (down 3)
20. football (up 5)
21. jesus (new)
22. michael (up 2)
23. ninja  (new)
24. mustang (new)
25. password1 (new)

"At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password,” said Morgan Slain, SplashData CEO, in a statement

“Even though each year hacking tools get more sophisticated, thieves still tend to prefer easy targets,” he said. “Just a little bit more effort in choosing better passwords will go a long way toward making you safer online.”

Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook, and on Twitter, follow Suzanne Choney.

Suzanne Choney
close