Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

‘Password’ No Longer the Internet’s Worst Password

The number sequence “123456” has overtaken “password” as the most common worst password among Internet users, an online security firm says.

Releasing its annual Worst Passwords list, SplashData said it was the first time “password” had lost its number-one position, changing places with its numerical rival.

The number sequence “123456” has overtaken “password” as the most common worst password among Internet users, an online security firm says.

Releasing its annual Worst Passwords list, SplashData said it was the first time “password” had lost its number-one position, changing places with its numerical rival.

In third place was “12345678,” unchanged from 2012, while “qwerty” and “abc123” came in fourth and fifth — and “iloveyou” climbed two spots to number nine.

Swinging the results, SplashData said, was a major security breach involving Adobe that laid bare the widespread use of weak passwords among users of such Adobe products as Photoshop.

“Seeing passwords like ‘adobe123’ and ‘photoshop’ on this list (for the first time) offers a good reminder not to base your password on the name of the website or application you are accessing,” said SplashData chief executive Morgan Slain, whose company markets password management apps.

Like other password experts, SplashData encouraged Internet users to opt for “passphrases” — a bunch of random words, numbers and characters, like “smiles_like_skip?” — that are easy to remember, but harder for online scam artists to crack.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.