This is a list of the crappest passwords of 2012

For All Things IT Security Conference Related

Join Our Newsletter [Over 50K Subscribers]

Let us send you information on ticket discounts, speaking opportunities and a ton more!

Home / Blog / This is a list of the crappest passwords of 2012

This is a list of the crappest passwords of 2012

Tagged Under:

This is a list of the crappest passwords of 2012.

password
123456
12345678
abc123
qwerty
monkey
letmein
dragon
111111
baseball
iloveyou
trustno1
1234567
sunshine
master
123123
welcome
shadow
ashley
football
jesus
michael
ninja
mustang
password1

The list comes from the fine folks over at Splash Data. When they compiled this data they certainly had enough security breaches and successful hacks to work with to compile this data, including Yahoo!, LinkedIn, eHarmony and Last.fm all being hacked.

If you use any of the above passwords – doubtful since our audience are highly educated and experienced information security experts and pentesters 😉 – but just in case – if you do use any of the above then, ahem, better change it. A dictionary attack, rainbow tables, John The Ripper et al will all crack these with no problem at all.

Also of course, users of any of these passwords are the most likely to be victims in future breaches.

Interesting to see that the top three passwords, “password,” “123456,” and “12345678,” remain unchanged from last year’s list.

New entries to this year’s list include “welcome, ” “jesus,” “ninja,” “mustang, ” and “password1.”

Leave a comment or reply below...thanks!