
These are the worst passwords of 2018. Is yours on this list?

Despite warnings from security experts and repeated breaches, it appears that some internet users have not switched to more secure passwords. SplashData, the company that makes the password manager SplashID, studied more than 5 million leaked passwords from recent breaches and found that many of the most commonly used passwords on the list are the same bad passwords seen in previous years, like “123456,” “password,” “admin,” and “abc123.”

Making it into the top 25 for bad passwords this year are “donald,” “princess,” and “sunshine.” If you’re guilty of using one of the offending passwords on SplashData’s 100 top worst passwords list of 2018, it’s time to get more creative.

Using a simple, easy-to-guess, or commonly used bad password makes your account more susceptible to hacking, which can lead to financial fraud or having your personal information exposed or leaked. Here are the top 10 bad passwords for the year, but you can see the complete list of 100 bad passwords for 2018 from SplashData:

  1. 123456
  2. password
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567
  8. sunshine
  9. qwerty
  10. iloveyou

For starters, users can use a password manager to collect their passwords securely in one place. Some popular ones include SplashData’s SplashID, LastPass, and 1Password. In addition to securely storing your passwords, many password managers can also dynamically generate unique, strong passwords when you need to create a new site login or update an existing credential. With a unique password, if one site gets breached, your other credentials wouldn’t be affected.
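As an added example (not code from this article, SplashData, or any password manager), the following Python screens a candidate password against the bad passwords named in this article, including simple variations of them, and generates a random replacement with a cryptographically secure generator. The function names, the substitution table, and the symbol set are assumptions made for illustration.

```python
import secrets
import string

# Passwords named in this article: the top 10 plus those quoted in the text.
ARTICLE_BAD_PASSWORDS = {
    "123456", "password", "123456789", "12345678", "12345", "111111",
    "1234567", "sunshine", "qwerty", "iloveyou",
    "admin", "abc123", "donald", "princess",
}

# Assumed table of common character substitutions, undone before comparison.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                      "3": "e", "$": "s", "5": "s", "!": "i"})


def variants(password: str) -> set:
    """Return normalized forms so 'P@ssw0rd1' is compared as 'password'."""
    low = password.casefold()
    stripped = {
        low,
        low.rstrip(string.punctuation),                  # "abc123!" -> "abc123"
        low.rstrip(string.digits + string.punctuation),  # "donald2018" -> "donald"
    }
    return stripped | {s.translate(LEET) for s in stripped}


def is_weak(password: str) -> bool:
    """True if the password, or a simple variation of it, is on the list."""
    return any(v in ARTICLE_BAD_PASSWORDS for v in variants(password))


def generate_password(length: int = 20) -> str:
    """Generate a random password with the OS CSPRNG via the secrets module."""
    if length < 12:
        raise ValueError("length must be at least 12")
    alphabet = string.ascii_letters + string.digits + "-_.!#%+"
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw) and not is_weak(pw)):
            return pw


if __name__ == "__main__":
    for candidate in ["123456", "P@ssw0rd1", "Sunshine!", "Donald2018"]:
        print(candidate, "-> weak" if is_weak(candidate) else "-> not on list")
    print("generated:", generate_password())
```

A blocklist check like this only rejects known-bad choices; passing it does not make a password strong, which is why the generated value comes from a random source rather than from a user-chosen word.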

For banking, Gmail, social media profiles, and other important websites, you can also add multi-factor or two-factor authentication. In addition to requiring a username and password, an additional authentication factor, like a six- or eight-digit passcode, must be used to log in. These codes are either sent to you via text message or can be obtained through an authentication app.

Another way to make your password great again is to use an inexpensive hardware-based security key. Prior to releasing its own Titan USB key, Google claimed that when it started internal testing by requiring its employees to use a hardware key in 2017, it saw zero incidents of phishing attacks. With multi-factor authentication, even if an attacker has your login credentials, they wouldn’t be able to access your account without having a hardware key, a passcode sent to your phone, or a unique code that’s generated with an authentication app. Once linked to your account, the hardware keys will work with Windows, Macs, and smartphone devices over USB, USB-C, Bluetooth, or NFC connections, depending on the variant of the key.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…