Here are the world's most popular passwords - they're also the world's worst
From 'starwars' to 'whatever', our secret phrases are a gift to hackers. Image: REUTERS/Robert Galbraith
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:
Information Technology
One of the most tedious problems of the modern age is remembering all of our online login details. After submitting to the Forgot your password button countless times, we often resort to using and reusing unsafe logins on many different websites. This creates a security risk: if a hacker can guess one of these passwords, then they have access to everything.
Password is not secure
Every year SplashData creates a list of the most popular passwords that have been stolen and made public. They noted that most of these passwords were used in North America and Western Europe.
The most popular ones, “123456” and “password”, remain unchanged from last year's charts. New entries include “letmein”, “whatever” and, interestingly, “starwars”. Sadly, though, using cultural references when signing in is a bad idea, warn experts.
Morgan Slain, the CEO of SplashData, explains: “Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use. Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”
A global risk
The risk of using such weak passwords should not be taken lightly. The World Economic Forum lists cyber attacks as the third most pressing threat of our time.
While many of us believe we have nothing to offer hackers, a breach of our privacy can have serious repercussions. Personal information can be stolen and used for identity theft, or hackers could use medical records or personal photos as blackmail.
These two graphs show that although people may believe that cyber security is important, they still reuse the same password for multiple logins.
How many of your accounts use the same password?
As long as we are aware of the risks to our personal safety, we can begin protecting ourselves from future attacks. Jean Yang, an assistant professor of Computer Science at Carnegie Mellon University, spoke at the World Economic Forum Annual Meeting 2018. She explained what consumers can do.
“In order for software to be secure, consumers have to demand it, they have to practise good hygiene.”
Creating secure passwords is the first step to creating such hygiene and preventing future attacks. An indecipherable password must be long, have lower and upper-case letters and include special characters and numbers. There should be nothing within the code that includes anything related to you, such as pet names or your birthday, and try to use phrases instead of words.
Alongside the password itself, there are also extensions you can install that will hold your information securely; it is also worth activating a two-factor authentication wherever possible.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
The Agenda Weekly
A weekly update of the most important issues driving the global agenda
You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.
More on CybersecuritySee all
Spencer Feingold and Filipe Beato
August 27, 2024
Akshay Joshi
August 9, 2024
Akhilesh Tuteja
July 30, 2024
William H. Dutton and Luna Rohland
July 24, 2024
Rob Rashotte
July 23, 2024