The Worst 25 Passwords of 2017

“Hacking” and “hackers” are two terms that resonated with 2017. It wasn’t just widespread coverage of election hacking. From Equifax, Uber, Game of Thrones and even Gordon Ramsay’s father-in-law, both the hackers and the hacked brought to life a renewed conversation about password protection.

SplashData, the password management provider, just released its annual list of “Worst Passwords of the Year” using data from 5 million leaked passwords from users in North America and Western Europe. According to SplashData, the results do not include passwords from Yahoo’s security breach that impacted 3 billion accounts.

The worst passwords in 2017 included some repeat offenders and completely new terms. Just like last year, the first and second most used passwords were “123456” and “Password,” respectively. While “12345” went down two spots to the number 5 slot, “123456789” was a new addition at number 8.

Star Wars and Game of Thrones fans are not exempt from this list, either. Users should take the force from Star Wars: The Last Jedi and create some stronger passwords. For the first time, “starwars” rang in at the 16th spot, and “dragon” increased one spot to number 18.

Stuck on how to create a stronger and less hacker-friendly password? According to SplashData, the key is using at least 12 characters with a combination of upper and lowercase letters and characters. Try switching up passwords for various websites, too.

Here’s the full list for 2017’s worst passwords:

123456

Password

12345678

qwerty

12345

123456789

letmein

1234567

football

iloveyou

admin

welcome

monkey

login

abc123

starwars

123123

dragon

passw0rd

maste

hello

freedom

whatever

qazwsx

trustno1