The worst passwords of 2023 are also the most common, “123456” comes in first::undefined
only one – “theworldinyourhand” – is virtually uncrackable. It is the number 173 most common password and would take centuries to guess using brute force.
Not anymore. That would get moved towards the top of the rainbow table now.
48736915208 No son, you’re not watching YouTube.
deleted by creator
That’s the kind of password an idiot would use on his luggage!
123456, that’s the same password that I have on my luggage! Set a course for druidia and change the password on my luggage
Yes, President Scroob!
They got this data from password leaks. Crappy sites that force you to create an unnecessary account for basic usage are arguebly more often part of password leaks.
So it’s not a surprise that a huge amount of leaked accounts have passwords like 123456, because that’s exactly the right kind of password for a throwaway account that you’ll never need again. In the best case coupled to a trashmail email account.
No mention of descending numbers, looks like 654321 is still safe. Not that uh, I, would have any particular worry about that one, nope.
eyes dart back and forth rapidly
Just waiting for the day when they start calling out those of us who make all our passwords easy to type with one hand.
Funny, I thought only I did that. Looks like a boss when you login to a system with just one hand and at lightning fast speeds.
All your passwords, or only the ones for certain websites?
Hunter2, still haven’t been hacked (in the past few weeks)
What hasn’t sorry? I can only see *******
I think most of these are for accounts where people don’t care if they are hacked or not.
Regardless, this should not be on the individual. The issue is with the website that allows those types of passwords to begin with. There are sites that don’t allow special characters at all. Stupid.
The most infuriating thing is websites that actually limit secure passwords (e.g. “password must be between 6 and 12 characters”). Preventing longer passwords makes little sense if they’re salting and hashing; and if they’re storing the passwords in plain text (which is just about the only reason to limit the max length to anything less than what a person would reasonably remember), that’s even worse.
Exactly, I’m not using a real password for a site I don’t care about where I have nothing to protect.
I’m using something simple that I can type with one hand.
Something important however? Good luck figuring that out.
Devs out there:
- User: test@example.com
- Pass: Password1!
Just like every year…
Hey, how did you guess the password on my luggage?
There was a huge adobe breach a while back and they made it into a crossword. https://zed0.co.uk/crossword/
![It was bound to happen eventually. This data theft will enable almost limitless [xkcd.com/792]-style password reuse attacks in the coming weeks. There's only one group that comes out of this looking smart: Everyone who pirated Photoshop.](https://imgs.xkcd.com/comics/encryptic.png)
Welp, there goes a few hours of my life. asdfgh! >:o
Have fun.
Wheres the list would like to compare to the previouse ones. Is it on github?
