Top 10 most 'hacked' passwords: '123456,' 'ninja'

It's no coincidence that the most frequently stolen passwords also happen to be the most commonly used. Avoid these at all costs.

In wake of last week's security breach that compromised the accounts of over 450,000 Yahoo! users, an IT security firm has used the data to compile a list of the most hacked online passwords.

And, not so coincidentally, the combinations also happen to be the same ones that are the easiest-to-remember and most frequently used. These include classics such as "123456," "password," and "welcome."

For comparison's sake, here's a list of of the most commonly used passwords, as revealed by Trustwave's survey of business enterprises:

1. Password1
2. welcome
3. password
4. Welcome1
5. welcome1
6. Password2
7. 123456
8. Password01
10. Password3

(For more, check out Joe Mckendrick's report at Business Brains)

And here's the list of the 10 most hacked passwords, including the percentage rate from an analysis of hacked Yahoo! accounts, according to ESET.

1. '123456' used by 1666 (0.38%)
2. 'password' used by 780 (0.18%)
3. 'welcome' used by 436 (0.1%)
4. 'ninja' used by 333 (0.08%)
5. 'abc123' used by 250 (0.06%)
6. '123456789' used by 222 (0.05%)
7. '12345678' used by 208 (0.05%)
8. 'sunshine' used by 205 (0.05%)
9. 'princess' used by 202 (0.05%)
10. 'qwerty' used by 172 (0.04%)

Obviously, the most elementary lesson here is not to use ascending or descending numerical combinations and simple words. Security experts often recommend that users pick mixed combinations that include upper and lower case letters, numbers and symbols.

Those types of passwords can sometimes be difficult to commit to memory, so for a possibly stronger password, some experts suggest a method called password padding, where an easily recallable password is "padded" by many extra special characters. The logic here is that longer passwords will make it significantly tougher for malicious software to break through by running a rapid series of possible combinations in what's known as a brute force attack.

To learn more about this method of fortifying your online accounts check out my guide " How to create an easy-to-remember, ultra-secure password ."

Or you can enlist the help of an elder since it's been found that over 55-year-olds pick better Internet passwords .

Here are some revealing infographics about password security:

Learn more about security and identity theft:

This post was originally published on


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All