X

The dumbest passwords people still use

Everybody knows that 12345 is a bad password. But what they're using instead isn't much stronger
By Leslie Gornstein, Contributing Editor
man-downl79gjh.jpg
1 of 26 Lionsgate Premiere

Sh1a-labe0uf

We asked network security experts to tell us which passwords Americans just can't stop using right now, even though they should. Here's what they told us. Yes: A bizarrely high number of Americans are taking the name of a sometimes-troubled actor, moving some characters around, and calling it a password.

"This was cracked from a wordlist," VIPRE Chief Product Officer Usman Choudhary says. "You can bank on pretty much any famous person out there -- actors, celebrities, athletes, you name it -- being in wordlists because people have [them] in their passwords."

star-wars-rogue-onelqoi8g.jpg
3 of 26 LucasFilm/Disney

StarWars

Andrew Morris, threat researcher at Endgame, says this one featured prominently in the leaked "Exploit.in" password dump, which contains over 800 million plaintext usernames and passwords presumably cracked from different sources and leaked onto the darknet.

wowtombofsargeras7-205.jpg
8 of 26 Blizzard
star-wars3c0b11e8.jpg
9 of 26 LucasFilm/Disney
batman-vs-supermanxw9ps7-1.jpg
10 of 26 Warner Bros.

Superman

Ajit Sancheti, co-founder and CEO of cybersecurity startup Preempt, and his team, created a list of categories for most common passwords they're seeing. A big one: Fictional characters. If you're a fan of Superman, chances are, so are hackers.

rent.jpg
11 of 26 Leslie Gornstein/ZDNET

Rental148

Maybe it's a reference to the Broadway-musical-turned-movie Rent, or maybe it's just somebody's apartment. Either way, it's a staple in any brute force dictionary these days.

"We're seeing lots of variations on the word 'rent' plus a string of numbers after it," says RJ Gazarek, a security expert at Thycotic. "Helpful hint - a simple word, and a string of numbers, does not make a strong password."

img3553.jpg
16 of 26 Leslie Gornstein for ZDNet

Whatever your cat's name is

Common pet names are easily cracked right now, says Andrew Newman, CEO of Reason Software Company. That goes for popular names such as Smokey or BabyGirl; or less common pet names, such as Keppie (seen here being WAY too complacent about her password).

shutterstock87247558.jpg
18 of 26 Shutterstock/Featureflash Photo Agency

Princess

"These [terms] are all in any password dictionary used by hackers," says Matt Devost, managing director of Accenture Security.

Keep reading for still more terms that are way too popular right now ... both for users and for hackers, according to our security experts.

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes
Holiday lights in Central Park background

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes

21 Photos
Winter backgrounds for your next virtual meeting
Wooden lodge in pine forest with heavy snow reflection on Lake O'hara at Yoho national park

Related Galleries

Winter backgrounds for your next virtual meeting

21 Photos
Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes
3D Rendering Christmas interior

Related Galleries

Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes

21 Photos
Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza
img-8825

Related Galleries

Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza

26 Photos
A weekend with Google's Chrome OS Flex
img-9792-2

Related Galleries

A weekend with Google's Chrome OS Flex

22 Photos
Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup
shutterstock-1024665187.jpg

Related Galleries

Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

8 Photos
Inside a fake $20 '16TB external M.2 SSD'
Full of promises!

Related Galleries

Inside a fake $20 '16TB external M.2 SSD'

8 Photos