Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

"Why did I think 123456789 would be a good password?" AP Photo/Frank Augstein

Yep, people are still pretty terrible at choosing passwords

You would think that people would know not to use ’123456′ as a password.

BACK IN 2012, LINKEDIN experienced a major breach which saw the passwords of some users being revealed. At the time, it was estimated that 6.5 million passwords were stolen from it.

Fast forward to today and it turns out that figure was much higher than expected, 117 million passwords to be exact. LinkedIn confirmed that these passwords and accompanying emails came from the breach four years ago.

It has responded by invalidating passwords for all accounts created prior to 2012 who have not updated their password since the breach. It has also told users to change their password regardless.

After it happened, researchers from LeakedSource compiled a list of the most popular passwords used and to say they’re terrible would be a major understatement. Many of them have appeared in other bad password lists and are very easy to crack using modern software.

By far, the most popular password was 123456 which saw 753,000 accounts using it. The second one was ‘linkedin’ with 172,000 accounts followed by ‘password’ (144,000 accounts) and 123456789 (94,000 accounts).

The 15 most popular bad passwords were:

1) 123456
2) linkedin
3) password
4) 123456789
5) 12345678
6) 111111
7) 1234567
8) sunshine
9) qwerty
10) 654321
11) 000000
12) password1
13) abc123
14) charlie
15) linked

As with all advice relating to passwords, if you’re using any of the above (or the rest in LeakedSource’s list of 49) for any accounts, you should change it immediately.

There are a few steps you can take to make your account more secure. Making them as long as possible and using different characters is a good start. On top of that, using phrases (splitting them up with different characters like _, $ and € is a good habit), activate two-factor authentication where possible and avoid using the same password for multiple accounts.

Read: Google patents sticky car bonnets so pedestrians attach to it when hit >

Read: Grand Theft Auto V is part of an exclusive club but who else is in it? >

Your Voice
Readers Comments
21
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.