Reminder: Your Passwords Are Still Terrible Passwords like '123456' and 'password' are incredibly insecure, but many people continue to use them.

By Angela Moscaritolo

This story originally appeared on PCMag


Hey, Internet: Your passwords still suck.

Though security experts have been warning us since forever that passwords like "123456" and "password" are incredibly insecure, many people continue to use them, according to new data from Keeper Security, which makes password management software.

The company analyzed 10 million passwords that became public via data breaches in 2016 and found that nearly 17 percent of users are protecting their accounts with "123456," which Keeper ranked as the most common password of 2016.

In fact, variations of sequential numbers made up 70 percent of the top 10 most common passwords, Keeper found.

The second most-popular password of 2016, according to Keeper, was "123456789" followed by "qwerty," "12345678" at number four and "111111" at five. Rounding out the top 10 were: "1234567890" at six, followed by "1234567," "password," "123123," and the very clever (not) "987654321."

Seven of the top 15 passwords consist of just six characters, which is a big no-no if you don't want hackers accessing your account.

"Today's brute-force cracking software and hardware can unscramble those passwords in seconds," Keeper wrote.

Interestingly, some seemingly random passwords such as "18atcskd2w" and "3rjs1la7qe" also cracked the top 25. Security expert Graham Cluley over the summer said that it probably wasn't humans who chose these passwords, but bots, which repeatedly used the codes when setting up dummy email accounts for spam and phishing attacks.

Meanwhile, Keeper pointed out that the list of most commonly-used passwords hasn't changed much in the past few years, suggesting many users simply don't care or can't be bothered to create and remember secure passwords. The company called on website owners to start enforcing stronger password policies.

"What really perplexed us is that so many website operators are not enforcing password security best practices," the Keeper team wrote. "While it's important for users to be aware of risks, a sizable minority are never going to take the time or effort to protect themselves. IT administrators and website operators must do the job for them."

To protect your passwords from getting hacked, take the time to use a variety of characters, including numbers, upper and lowercase letters, and other symbols. Avoid using dictionary words, which are easily crackable. Consider using a password manager, and avoid using the same password over and over.

Angela Moscaritolo has been a PCMag reporter since January 2012. 

Editor's Pick

Related Topics


How To Spend One Perfect Day in Santa Barbara

From beaches to bites: A 24-hour guide to sun-kissed shores of The American Rivera.


How to Win Over the Room With Effective Persuasion Skills

The art of persuasion is not just about the notes, the data, and the pitch; it's about creating a connection that resonates with the audience. We explore how a blend of story, active listening, and genuine interaction can not only capture attention but also win hearts and minds, setting the stage for achieving success in any meeting.


Don't Miss This Sam's Club Membership Deal for Just $20

Your last chance for a great deal on a membership that helps you save money all year long.

Business Ideas

55 Small Business Ideas to Start in 2023

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2023.


This $126 Apple- and Android-Compatible Display Can Help You Drive Safer

Adding this display will elevate your older model car for an affordable price.