2013 Most Commonly Used Passwords

SplashData Study
Most people are guilty of using poor passwords somewhere on the Internet.  It’s hard when nearly every website we visit requires an account these days, and it can be tempting to use something short and simple such as “password” or “123456”.  Unfortunately, it’s so tempting that lots of people do it and do it often.  A company called SplashData has been tracking password use over the years, and has compiled their 2013 list of most commonly used passwords.  The breach of Adobe.com’s website helped SplashData compare a large number of users’ passwords (>100 Million) to find the most common and the results showed that passwords are often simple (password, 123456, etc) or include something specific to the company’s name, website, or products  such as ‘adobe123’ and ‘photoshop’ (the name of an Adobe product).

Important Password Rules
The most important rules to remember about passwords are to use ones that are somewhat hard to guess and to not reuse them across different websites.  This is especially true of important sites such as online retail, banking, tax preparation, investments, and retirement funds where your money is at risk in the event of a breach.  You should change your password occasionally (once a year is a safe average) and avoid logging into important websites from computers that are likely to be insecure:

  • Computers running older software (such as Windows Vista, XP or older)
  • Shared public computers (libraries, hotels, airports, etc)
  • Computers used heavily by children and teenagers (likely to have lots of software installed)

It is also important to avoid public WiFi spots at places such as coffee shops and airports as they are notoriously insecure.  Hackers sometimes setup “rogue” WiFi networks simply to capture passwords.  Instead, try “tethering” to your phone or using the mobile hotspot feature offered by many wireless carriers today.

Top 25 Most Common Passwords for 2013
The following are the top 25 most commonly used passwords according to SplashData.  Learn more at http://splashdata.com/press/worstpasswords2013.htm.

Rank Password Change from 2012

1

123456

Up 1

2

password

Down 1

3

12345678

Unchanged

4

qwerty

Up 1

5

abc123

Down 1

6

123456789

New

7

111111

Up 2

8

1234567

Up 5

9

iloveyou

Up 2

10

adobe123

New

11

123123

Up 5

12

admin

New

13

1234567890

New

14

letmein

Down 7

15

photoshop

New

16

1234

New

17

monkey

Down 11

18

shadow

Unchanged

19

sunshine

Down 5

20

12345

New

21

password1

Up 4

22

princess

New

23

azerty

New

24

trustno1

Down 12

25

000000

New
Jake McAleer, CISA, CCNA

About Jake McAleer, CISA, CCNA

Jake is the IT Audit and Security Manager at O'Connor & Drew, P.C. where he focuses on security and compliance. His previous positions include internet infrastructure services, IT audit in the financial industry, and systems work with defense contractors.



Jake McAleer, CISA, CCNA
Author: Jake McAleer, CISA, CCNA
Jake is the IT Audit and Security Manager at O'Connor & Drew, P.C. where he focuses on security and compliance. His previous positions include internet infrastructure services, IT audit in the financial industry, and systems work with defense contractors.