Worst passwords of 2012

Font Size:

Password management application firm SplashData has released its annual list of the most common passwords used on the internet with some surprising results. Drew shares the list and explains how to create a secure password.

The biggest movers on the list this year at the top end of the scale are ‘111111’ and ‘dragon’. While we don’t have an explanation for the move by ‘111111’, we were not surprised to see ‘dragon’ move up the list with 2012 being the Year of the Dragon.

The three most common password from last years list have remained at the top of this year’s list with ‘password’, ‘123456’ and ‘12345678’. find out how to keep your passwords safe by reading Drew’s password tips to keep your data secure and how to choose a secure password. 

Top 25 most common passwords

  1. password
  2. 123456
  3. 12345678
  4. abc123
  5. qwerty
  6. monkey
  7. letmein
  8. dragon
  9. 111111
  10. baseball
  11. iloveyou
  12. trustno1
  13. 1234567
  14. sunshine
  15. master
  16. 123123
  17. welcome
  18. shadow
  19. ashley
  20. football
  21. jesus
  22. michael
  23. ninja
  24. mustang
  25. password1

For more information visit www.spashdata.com

Join YourLifeChoices today
and get this free eBook!

By joining YourLifeChoices you consent that you have read and agree to our Terms & Conditions and Privacy Policy

Written by Drew

Starting out as a week of work experience in 2005 while studying his Bachelor of Business at Swinburne University, Drew has never left his post and has been with the company ever since, working on the websites digital needs. Drew has a passion for all things technology which is only rivalled for his love of all things sport (watching, not playing).


Total Comments: 4
  1. 0

    Hackers and other nasties use often automated software to break passwords. They usually start with a list or dictionary of English words, and try all possible combinations of those words against the target. They exploit a weakness in the password encryption techniques used by software venders to enable any password which only uses english language words (that would be in a dictionary) to be cracked more much more easily than a random group of letters which are not words.
    My approach is to use passwords which include numbers and punctuation, as well as capitals and lower case letters, but not english language words. These can be hard to remember.
    One way to create a rememberable string of letters is to take the initial letters of some phrase or group of words that you can easily remember. Even better if they contain a number and some punctuation – eg the first few lines of a nursery rhyme are “Three blind mice, Three blind mice, See how they run” becomes ‘3bm,3bm,Shtr’ – which requires an enormous amount of compute power and time to break, yet is reasonably easy to remember.
    Try song titles, band/group titles, poems, biblical verses, sayings, proverbs. latin phrases and such like as the basic phrase. Be careful as sometimes even the initial letters of a phrase can form a word likely to be in the dictionary – eg “Mary had a little lamb” becomes “Mhall” – which contains the word ‘hall’.
    Good luck KenF

  2. 0

    Ken, I suggest you hit “Post comment” only once, so that your comment is not repeated.

  3. 0

    How does SplashData, or anyone for that matter, know what our passwords are? Aren`t we meant to keep them too ourselves?

  4. 0

    My apologies to everyone for hitting the ‘post comment’ button twice. I hope the moderator can remove the second posting.

    We keep them to ourselves, but the computer has to store them – that is the basic problem.

    When you use a system for the first time you usually have to create a ‘user account’ with a user name and password. The system admin staff may do this for you in a work place environment. The password is then encrypted by the operating system and stored on disk indexed by your user-name. When you log on at some later date, the password that you give is encrypted by the system, and compared to the encrypted password that was previously stored under your user-name. If it matches, you are allowed to log-on, otherwise you get a ‘password failure’ message.
    Hackers know how to find the file of encrypted passwords (it is usually well documented), but they cannot tell what the un-encrypted password is. They then use some special programs which try to work out the original passwords from the encrypted version – this is called ‘cracking the encryption’ or simply ‘decryption’. Such programs are readily available on the Internet. The programs use all of the tricks that they can to perform the decryption – such as first trying most common ‘worst passwords’ as listed in the article above (and a lot of other variations to these techniques). If that doesn’t work, they then face a very compute intensive task of trying all possible combinations until they manage the decryption. We can make that task more difficult by using passwords with a mixture of capital letters, lower case letters, digits, and punctuation marks. Also we can make it even maor difficult by using longer passwords. However, a password like “[email protected]&^%” is probably very secure but also probably very useless because you probably could not remember it, nor type it quickly and accurately. Hence my suggestion of the initial letters of the words in a song title, song line, poem or such like as these are easier to remember. hope this helps KenF



continue reading


Max Williams experiences the magic of Lake Mungo

I gaze in wonder at the small bone fragments I am holding. Most likely they are part of a Murray...

Travel News

WA opens borders – but not to everyone

After hard lockdowns, travellers from New South Wales and Victoria have been granted quarantine free access to Western Australia. As...


Home quarantine off the table – for now, says Dan Andrews

Victoria will accept overseas travellers from 7 December. And while there was hope that returning travellers to Melbourne could do...


Adelaide family returns home to find koala perched on Christmas tree i

An Adelaide Hills family has returned to their home after a short outing to find a koala perched on the...


Best Christmas markets 2020

It's no surprise that Christmas markets will be operating differently this year, and sadly many of the country's favourites won't...


Bushwalking for beginners

Bushwalking is one of life's simple pleasures, an environmentally-friendly means of enjoying natural and cultural wonders which exercises you, yet...

Travel Q&A

Travel SOS: All you need to know about flexible travel

Susan is starting to feel comfortable about booking travel, but wants the new rules explained. --- Q. SusanI thought it...

Self-drive holidays

Planning a road trip in a pandemic?

Thea van de Mortel, Griffith University As restrictions ease around the country and the prospect of travel beckons, many of...