Byte of Prevention Blog

by Jay Reeves |

The 25 Worst Passwords Ever

PasswordBy now you probably know it’s not a good idea to use the numbers “123456” as a password for your online accounts.

But did you know “sunshine” is just as bad – and “qwerty” and “shadow” are even worse?

Password protection is on everyone’s mind following a string of massive data breaches that rocked the cyber-world.

One of the more disturbing incidents happened in September, when a Google Gmail hack compromised 5 million user accounts. Gmail users worldwide were surprised – to say the least – to log onto sites like this one and find their passwords openly exposed to the public.

What made this attack notable was that the bad guys did not target Google directly. Instead, they hacked into other sites where users had logged in with their Gmail addresses. As a result, the hackers wound up with an unexpected two-fer: personal information from the hacked sites plus an enormous cache of Gmail passwords.

And thus a new threat was added to the growing list of cyber-risks: downstream exposure where a password for Site A is stolen in a hack of Site B.

25 Passwords to Avoid

Here is Mashable’s list of the 25 worst online passwords.

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. abc123
  6. 123456789
  7. 111111
  8. 1234567
  9. iloveyou
  10. adobe123
  11. 123123
  12. admin
  13. 1234567890
  14. letmein
  15. photoshop
  16. 1234
  17. monkey
  18. shadow
  19. sunshine
  20. 12345
  21. password1
  22. princess
  23. azerty
  24. trustno1
  25. 000000

Tips for Protecting Your Password

  • Use different passwords for different online accounts
  • Change your passwords periodically
  • Choose long passwords that combine special characters and numbers.
  • Use a password manager to keep track of your accounts
  • Opt for two-factor authentication whenever it is offered
  • Keep your computer up to date
  • Keep track of your portable devices
  • Don’t loan your devices to anyone you don’t know and trust

Do you have a password horror story? Or maybe you have some additional safety tips? Send us a comment.


Jay Reeves a/k/a The Risk Man has practiced law in North Carolina and South Carolina. Formerly he was Legal Editor at Lawyers Weekly and Risk Manager at Lawyers Mutual. Contact him at 919-619-2441 or

About the Author

Jay Reeves

Jay Reeves practiced law in North Carolina and South Carolina. He was Legal Editor at Lawyers Weekly and Risk Manager at Lawyers Mutual. He is the author of The Most Powerful Attorney in the World, a collection of short stories from a law life well-lived, which as the seasons pass becomes less about law and liability and more about loss, love, longing, laughter and life's lasting luminescence.

Read More by Jay >

Related Posts