Friday, May 9, 2025
HomeComputer SecurityList of Top 25 Worst Passwords of 2018 Based On 5 Million...

List of Top 25 Worst Passwords of 2018 Based On 5 Million Leaked Passwords

Published on

SIEM as a Service

Follow Us on Google News

Passwords are the strings of cards used to verify the identity of the user, when the passwords are extracted they are free simple and viable approach to gain access to unapproved individuals accounts.

After evalvating millions of passwords SplashData determines the common passwords used by Internet users during that year. The most terrible password used are “123456” and “password”.

They continue to hold the #1 and #2 spots, respectively, the easily hackable password will put a substantial risk of getting beig hacked.

- Advertisement - Google News

Also a new password debuted this year list “donald” ranked 23rd position, “Sorry, Mr. President, but this is not fake news – using your name or any common name as a password is a dangerous decision,” said Morgan Slain, CEO of SplashData, Inc.“

Every year SplashData evaluate millions of old password from data breaches to determine the weakest passwords.

According to the SplashData almost 10% of the people used one of the most 25 worst passwords on the year’s list and only 3% of people have used the worstpassword, “123456”.

Here is the list of top 25 passwords used in year 2018

  • 123456 (Rank unchanged from last year)
  • password (Unchanged)
  • 123456789 (Up 3)
  • 12345678 (Down 1)
  • 12345 (Unchanged)
  • 111111 (New)
  • 1234567 (Up 1)
  • sunshine (New)
  • qwerty (Down 5)
  • iloveyou (Unchanged)
  • princess (New)
  • admin (Down 1)
  • welcome (Down 1)
  • 666666 (New)
  • abc123 (Unchanged)
  • football (Down 7)
  • 123123 (Unchanged)
  • monkey (Down 5)
  • 654321 (New)
  • !@#$%^&* (New)
  • charlie (New)
  • aa123456 (New)
  • donald (New)
  • password1 (New)
  • qwerty123 (New

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online,” said Morgan Slain, CEO of SplashData, Inc.

Here is the video shows the worst 100 passwords of 2018.

Tips to Stay Safe

  • Use a complex password, enforce strong password policy.
  • Check the password regularly, Use two-factor authentication(2FA) for vital sites like managing an account and Emails, make sure all the passwords are unique.
  • Change the Manufactures default Password that gadgets are issued with before they are conveyed to the IT Department.
  • Configure using password Manager only for your less important websites and accounts.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Dixons Carphone Suffers Massive Data Breach, 5.9 Million Payment Cards & 1.2 Million Personal Data Exposed

37,000 Eir Customer’s Personal Data Exposed as their Company Laptop Stolen

Dell Hacked – Data Breach Exposed Names, Email addresses & Hashed Passwords

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Chinese Hackers Exploit SAP RCE Vulnerability to Deploy Supershell Backdoors

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-31324, in SAP NetWeaver Visual...

Hackers Target IT Admins by Poisoning SEO to Push Malware to Top Search Results

Cybercriminals are increasingly targeting IT administrators through sophisticated Search Engine Optimization (SEO) poisoning techniques. By...

New Mamona Ransomware Targets Windows Systems Using Abused Ping Command

Cybersecurity researchers are raising the alarm about a newly discovered commodity ransomware strain dubbed Mamona,...

Malicious Python Package Impersonates Discord Developers to Deploy Remote Commands

A seemingly innocuous Python package named ‘discordpydebug’ surfaced on the Python Package Index (PyPI)...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

7 Best Third-Party Risk Management Software in 2025

Whether you operate a small business or run a large enterprise, you rely on...

10 Best Patch Management Tools 2025

In today's digital landscape, maintaining secure and efficient IT systems is critical for organizations....

10 Best Cloud Security Solutions 2025

In today’s digital era, businesses are increasingly adopting cloud computing to store data, run...