Study Reveals That 123456 is The Most Common password of 2016





study reveals 123456 is the most common password 2016

M

ore than 10 million leaked user records were collated by the Keeper Security team, and after examining the leaked data, it was found that over 1.7 million accounts (17%) were secured with the “123456” password, almost one in every six profiles. The simplistic password “123456” ranked first for the third year in a row. Other passwords that made it into the top 10 most common passwords of 2016 list in the report were ‘111111’, ‘password’, ‘123123’ and few other such generic numerical passwords. It came as no surprise, as the top 10 passwords showed a pattern used that consisted of strings of sequential characters, phrases from the top of the keyboard and repeated groups of letters.




Keeper Security, a US-based password management company, has revealed a list of the worst passwords of 2016. The list has been compiled by aggregating passwords leaked in data breaches during the past year. The Keeper team also assessed the top 25 passwords found in data from Leaked Source, Have I Been Pwned, Randomize and Tripwire.



“This is stunning in the light of the fact that, as we have reported, today’s brute-force cracking software and hardware can unscramble those passwords in seconds,” according to Keeper Security.

Here’s a look at the complete list of top 25 common worst passwords – those used by the most people at the same time:

  1. 123456
  2. 123456789
  3. qwerty
  4. 12345678
  5. 111111
  6. 1234567890
  7. 1234567
  8. password
  9. 123123
  10. 987654321
  11. qwertyuiop
  12. mynoob
  13. 123321
  14. 666666
  15. 18atcskd2w
  16. 7777777
  17. 1q2w3e4r
  18. 654321
  19. 555555
  20. 3rjs1la7qe
  21. google
  22. 1q2w3e4r5t
  23. 123qwe
  24. zxcvbnm
  25. 1q2w3e

Keeper Security called for website operators to do more to force people to create strong phrases. The report stated, “Website operators must take more responsibility for password security. After years of data breaches due to weak passwords, website operators are still not enforcing password best practices. The bigger responsibility lies with website owners who fail to enforce the most basic password complexity policies. It isn’t hard to do, but the list makes it clear that many still don’t bother,” the company noted.




The report added, “While it’s important for users to be aware of risks, a sizable minority are never going to take the time or effort to protect themselves. IT administrators and website operators must do the job for them.”

If you are using any of the password showing in the above list, it is recommended that you change your password immediately. You can protect yourself by using a password manager such as 1Password, which can generate secure passwords and store them online. Alternatively, you can also use two-factor authentication, which will send a text with a code or use an app to verify your log-in.