Reminder: Your Passwords Are Still Terrible

Passwords like '123456' and 'password' are incredibly insecure, but many people continue to use them.

Grow Your Business, Not Your Inbox

Stay informed and join our daily newsletter now!
Will be used in accordance with our Privacy Policy
Reminder: Your Passwords Are Still Terrible
Image credit: Shutterstock
3 min read
This story originally appeared on PCMag

Hey, Internet: Your passwords still suck.

Though security experts have been warning us since forever that passwords like "123456" and "password" are incredibly insecure, many people continue to use them, according to new data from Keeper Security, which makes password management software.

The company analyzed 10 million passwords that became public via data breaches in 2016 and found that nearly 17 percent of users are protecting their accounts with "123456," which Keeper ranked as the most common password of 2016.

In fact, variations of sequential numbers made up 70 percent of the top 10 most common passwords, Keeper found.

The second most-popular password of 2016, according to Keeper, was "123456789" followed by "qwerty," "12345678" at number four and "111111" at five. Rounding out the top 10 were: "1234567890" at six, followed by "1234567," "password," "123123," and the very clever (not) "987654321."

Seven of the top 15 passwords consist of just six characters, which is a big no-no if you don't want hackers accessing your account.

"Today's brute-force cracking software and hardware can unscramble those passwords in seconds," Keeper wrote.

Interestingly, some seemingly random passwords such as "18atcskd2w" and "3rjs1la7qe" also cracked the top 25. Security expert Graham Cluley over the summer said that it probably wasn't humans who chose these passwords, but bots, which repeatedly used the codes when setting up dummy email accounts for spam and phishing attacks.

Meanwhile, Keeper pointed out that the list of most commonly-used passwords hasn't changed much in the past few years, suggesting many users simply don't care or can't be bothered to create and remember secure passwords. The company called on website owners to start enforcing stronger password policies.

"What really perplexed us is that so many website operators are not enforcing password security best practices," the Keeper team wrote. "While it's important for users to be aware of risks, a sizable minority are never going to take the time or effort to protect themselves. IT administrators and website operators must do the job for them."

To protect your passwords from getting hacked, take the time to use a variety of characters, including numbers, upper and lowercase letters, and other symbols. Avoid using dictionary words, which are easily crackable. Consider using a password manager, and avoid using the same password over and over.

More from Entrepreneur

Get heaping discounts to books you love delivered straight to your inbox. We’ll feature a different book each week and share exclusive deals you won’t find anywhere else.
Jumpstart Your Business. Entrepreneur Insider is your all-access pass to the skills, experts, and network you need to get your business off the ground—or take it to the next level.
Starting, buying, or growing your small business shouldn’t be hard. Guidant Financial works to make financing easy for current and aspiring small business owners by providing custom funding solutions, financing education, and more.

Latest on Entrepreneur

Entrepreneur Media, Inc. values your privacy. In order to understand how people use our site generally, and to create more valuable experiences for you, we may collect data about your use of this site (both directly and through our partners). By continuing to use this site, you are agreeing to the use of that data. For more information on our data policies, please visit our Privacy Policy.