Here are the world's most popular passwords - they're also the world's worst

Cybersecurity researcher Billy Rios points to a computer line reading "Gods Password," a password he was able to uncover by analyzing the software in a Pyxis medical supply dispenser that he says he purchased on Ebay for a few hundred dollars, in Redwood City, California October 10, 2014. Picture taken October 10, 2014. To match Insight CYBERSECURITY-MEDICALDEVICES/  REUTERS/Robert Galbraith  (UNITED STATES - Tags: SCIENCE TECHNOLOGY HEALTH)

From 'starwars' to 'whatever', our secret phrases are a gift to hackers. Image: REUTERS/Robert Galbraith

Laura Nash
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:


One of the most tedious problems of the modern age is remembering all of our online login details. After submitting to the Forgot your password button countless times, we often resort to using and reusing unsafe logins on many different websites. This creates a security risk: if a hacker can guess one of these passwords, then they have access to everything.

Password is not secure

Every year SplashData creates a list of the most popular passwords that have been stolen and made public. They noted that most of these passwords were used in North America and Western Europe.

Image: TeamsID

The most popular ones, “123456” and “password”, remain unchanged from last year's charts. New entries include “letmein”, “whatever” and, interestingly, “starwars”. Sadly, though, using cultural references when signing in is a bad idea, warn experts.

Morgan Slain, the CEO of SplashData, explains: “Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use. Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”

A global risk

The risk of using such weak passwords should not be taken lightly. The World Economic Forum lists cyber attacks as the third most pressing threat of our time.

Image: World Economic Forum

While many of us believe we have nothing to offer hackers, a breach of our privacy can have serious repercussions. Personal information can be stolen and used for identity theft, or hackers could use medical records or personal photos as blackmail.

These two graphs show that although people may believe that cyber security is important, they still reuse the same password for multiple logins.

How many of your accounts use the same password?

Image: Statista
Image: Statista

As long as we are aware of the risks to our personal safety, we can begin protecting ourselves from future attacks. Jean Yang, an assistant professor of Computer Science at Carnegie Mellon University, spoke at the World Economic Forum Annual Meeting 2018. She explained what consumers can do.

“In order for software to be secure, consumers have to demand it, they have to practise good hygiene.”

Creating secure passwords is the first step to creating such hygiene and preventing future attacks. An indecipherable password must be long, have lower and upper-case letters and include special characters and numbers. There should be nothing within the code that includes anything related to you, such as pet names or your birthday, and try to use phrases instead of words.

Alongside the password itself, there are also extensions you can install that will hold your information securely; it is also worth activating a two-factor authentication wherever possible.

Have you read?
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

'Pig-butchering’ scams on the rise as technology amplifies financial fraud, INTERPOL warns

Spencer Feingold and Johnny Wood

April 10, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum