The worst passwords of 2023 are also the most common, “123456” comes in first::undefined
only one – “theworldinyourhand” – is virtually uncrackable. It is the number 173 most common password and would take centuries to guess using brute force.
Not anymore. That would get moved towards the top of the rainbow table now.
deleted by creator
OTOH passphrases are so rarely used that other than a handful of common examples that would already be in a word list such as CorrectHorseBatteryStaple, it would be rather unlikely for anyone to bother even trying unless they are specifically trying to crack a specific password.
So maybe don’t use a plain four word english passphrase as the admin login, but if your facebook password is ZuckerbergSucksFlaccidCock, 'tis probably fine.
48736915208 No son, you’re not watching YouTube.
Handing the security of your accounts to… mobile carriers… always felt iffy to me.
That’s the kind of password an idiot would use on his luggage!
123456, that’s the same password that I have on my luggage! Set a course for druidia and change the password on my luggage
Yes, President Scroob!
They got this data from password leaks. Crappy sites that force you to create an unnecessary account for basic usage are arguebly more often part of password leaks.
So it’s not a surprise that a huge amount of leaked accounts have passwords like 123456, because that’s exactly the right kind of password for a throwaway account that you’ll never need again. In the best case coupled to a trashmail email account.
Username: admin
Password: admin
Username: guest
Password: guest
I am in! Oh… I do not have any access
Apparently, people creating new accounts seem to assume the word (password) in the box in light gray font is a suggestion rather than a label.
lol
Good old ]yèî̾ÌP®åÙyJàºséí³Òò&ÚÀxÁõÝÞ/ÍÔ9~B6Æ¿Üïd`ÛÝm®@. Nobody ever guesses that.
Sorry. Your password cannot contain proper nouns like the name of Elon Musk’s child.
Your password must contain at least one emoji.
í³Ò
No mention of descending numbers, looks like 654321 is still safe. Not that uh, I, would have any particular worry about that one, nope.
eyes dart back and forth rapidly
Hunter2, still haven’t been hacked (in the past few weeks)
What hasn’t sorry? I can only see *******
I think most of these are for accounts where people don’t care if they are hacked or not.
Regardless, this should not be on the individual. The issue is with the website that allows those types of passwords to begin with. There are sites that don’t allow special characters at all. Stupid.
The most infuriating thing is websites that actually limit secure passwords (e.g. “password must be between 6 and 12 characters”). Preventing longer passwords makes little sense if they’re salting and hashing; and if they’re storing the passwords in plain text (which is just about the only reason to limit the max length to anything less than what a person would reasonably remember), that’s even worse.
There was a belief, before the advent of ubiquitous password managers, that allowing passwords to be “too long” would result in people forgetting their password more often, entering it wrong, or some combination which would increase reset requests and ultimately cause people to use worse passwords. Basically “you can’t remember a 54 character random password, and you’re gonna get pissed and switch to a six character predictable word”.
This is now obviously a terrible line of reasoning, but it was only middling bad at the time.
Oh, i guess that makes some sort of sense - obviously I disagree with the conclusion, but I understand it - but it’s beyond frustrating when you think “maybe I’ll pay this bill online” and see that limit. And even if that is the reasoning for the limit, if they haven’t updated their requirements in all that time, I have little faith that they’re storing my sensitive information securely.
Exactly, I’m not using a real password for a site I don’t care about where I have nothing to protect.
I’m using something simple that I can type with one hand.
Something important however? Good luck figuring that out.
That’s amazing, I’ve got the same combination in my username!
Hey, how did you guess the password on my luggage?
Just like every year…
Devs out there:
- User: test@example.com
- Pass: Password1!
Mine is 654321
Since it is the opposite sequence, it clearly must be the most secure
