1. News
  2. Privacy

These were the worst passwords of 2017

Avoiding common cybersecurity pitfalls can help keep your information safe

Photo (c) designer491 - Getty Images
From data breaches to fraudulent activity, 2017 saw a number of scary threats to consumers’ security. And although 2018 has just begun, two critical cybersecurity exploits have already unfolded, putting consumers personal information at risk.

In order to keep your sensitive personal information from falling into the wrong hands, it’s crucial to make sure you have a strong password in place on electronic devices, including tablets, smartphones, and computers.

However, a recent study suggests consumers tend to favor convenience over security when it comes to picking a password.

Worst passwords

These were SplashData's top 10 worst passwords from 2017, according to NextAdvisor.

  • 123456

  • password

  • 12345678

  • qwerty

  • 12345

  • 123456789

  • letmein

  • 1234567

  • football

  • Iloveyou

Common password pitfalls

In an interview with ConsumerAffairs, Jocelyn Baird, associate editor at NextAdvisor, pointed out that half the list is made up of strings of ascending numbers.

“This tells us that when people are faced with the need to create a password with a minimum of, for example, six characters, a lot will simply opt for the easiest possible choice and type in ‘123456.’ Those are as lazy as you can get, but the other passwords on the list don’t fare much better,” Baird said.

Many consumers chose login-related passwords (such as “admin” or “passw0rd”), while others opted for a single word that likely had something to do with their life or interests (such as “Andrea” or “starwars”).

Choosing a safe password

In an age where consumers are required to choose a password for everything from their computer at work to their bicycle lock, password fatigue has become a very real problem. Baird noted that the average person has well over ten online accounts.

While it may be tempting to choose the same simple, easy-to-remember password for all your accounts, security experts don’t recommend doing so.

“In general, you’re better off using more variety and characters. A combination of uppercase and lowercase letters, numbers and special characters (e.g., # or !) is the way to go,” Baird said. “And don’t forget that when it comes to passwords, longer is stronger.”

A password manager can help you keep track of all of your passwords. Check out ConsumerAffairs’ list of the best options here.

Additional security measures

In addition to making sure all of your passwords contain the above-mentioned attributes, be sure to utilize all the security options that are available to you.

“Remember, all it takes is one compromised password to unlock your entire network of accounts – especially if you’re using the same password for more than one account,” Baird said.

For an added security boost, she recommends the following:

  • Use two-step verification. Also known as two-factor authentication (or TFA), this security measure requires a second piece of information besides your password to get logged in. “Usually, this second data point is a specially generated, one-time code sent to you via SMS, email, or through a phone call,” Baird said.

  • Set a lock code. To ensure no one can pick up your phone and use it or see its contents, be sure to set a lock code. “These vary from smartphone to smartphone, but can range from a four- to six-digit PIN to a ‘knock code’ created by a specific pattern of taps on your screen to biometrics (e.g., your fingerprint),” Baird said.

  • Be mindful of connections. “Free Wi-Fi from your local coffee shop might seem like a sweet deal, but hackers could be lurking on the network looking for unsuspecting victims,” Baird said.

Take an Identity Theft Quiz. Get matched with an Authorized Partner.