Five Worst Passwords Ever!

If you are using one of these passwords, you might as well not have a password.  This is according to a recent post on the Microsoft blog.

  • Password
  • Letmein
  • Monkey
  • A pet’s name (i.e. Fluffy)
  • 12345678

This five is from another list on the CBS News website that lists the 25 most commonly used passwords in 2013.

  • 123456
  • password
  • 12345678
  • qwerty
  • abc123

Two of these passwords were common to both lists.

You may be wondering how we know what passwords are the most used?  The answer is that security researchers who shop on the Internet underground for “Rainbow Tables” or lists of cracked passwords found these to be the most common.

And again, password rules to follow:

  • Longer passwords are better.  I recommend at least ten characters.
  • Use UPPER CASE, lower case, num63rs, and $ym6o!$
  • Do not use the same password on multiple sites.
  • Do not use words from any language.
  • Do not use names of family members or pets, birthdates or anniversaries, or other information that is a matter of public record.  I can find your mother’s maiden name with little difficulty on any genealogy site.  Or Facebook for that matter.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.