/>
X

The dumbest passwords people still use

Everybody knows that 12345 is a bad password. But what they're using instead isn't much stronger
man-downl79gjh.jpg
1 of 26 Lionsgate Premiere

Sh1a-labe0uf

We asked network security experts to tell us which passwords Americans just can't stop using right now, even though they should. Here's what they told us. Yes: A bizarrely high number of Americans are taking the name of a sometimes-troubled actor, moving some characters around, and calling it a password.

"This was cracked from a wordlist," VIPRE Chief Product Officer Usman Choudhary says. "You can bank on pretty much any famous person out there -- actors, celebrities, athletes, you name it -- being in wordlists because people have [them] in their passwords."

admin.jpg
2 of 26 20th Century Fox
star-wars-rogue-onelqoi8g.jpg
3 of 26 LucasFilm/Disney

StarWars

Andrew Morris, threat researcher at Endgame, says this one featured prominently in the leaked "Exploit.in" password dump, which contains over 800 million plaintext usernames and passwords presumably cracked from different sources and leaked onto the darknet.

jennifer.jpg
4 of 26 20th Century Fox

Anything with Jennifer in it

wowtombofsargeras7-205.jpg
8 of 26 Blizzard

Mynoob

Too many people (World of Warcraft players maybe?) use this one, according to Keeper Security, which analyzed 10 million passwords that were breached in 2016 and shared a list of the top 25 most common ones.

star-wars3c0b11e8.jpg
9 of 26 LucasFilm/Disney

Ut4luke

Shorthand for "Use the Force, Luke."

"An attacker will be able to guess this one in minutes," says Jason Hong of the Carnegie Mellon School of Computer Science. "Anything that has a common pattern is easily breakable."

batman-vs-supermanxw9ps7-1.jpg
10 of 26 Warner Bros.

Superman

Ajit Sancheti, co-founder and CEO of cybersecurity startup Preempt, and his team, created a list of categories for most common passwords they're seeing. A big one: Fictional characters. If you're a fan of Superman, chances are, so are hackers.

rent.jpg
11 of 26 Leslie Gornstein/ZDNet

Rental148

Maybe it's a reference to the Broadway-musical-turned-movie Rent, or maybe it's just somebody's apartment. Either way, it's a staple in any brute force dictionary these days.

"We're seeing lots of variations on the word 'rent' plus a string of numbers after it," says RJ Gazarek, a security expert at Thycotic. "Helpful hint - a simple word, and a string of numbers, does not make a strong password."

takers8f1c39da.jpg
12 of 26 Screen Gems

ChrisBrown

We can't figure out the logic behind this one. But Sancheti says the name is too frequently used, and way too easy to crack.

mommie-dearest4beaa399.jpg
13 of 26 Paramount Pictures

YourMom

Another password that showed up frequently during the "Exploit.in" password dump, according to Morris. Not clever. Not unique. Not smart to use.

110075wb0780b-1.jpg
14 of 26 CBS

MyMomIs#1

"This password pattern -- MyMom, MyDad, MySister -- is used widely and included in a lot of brute force dictionaries," Gazarek says.

spectreol3qnt.jpg
15 of 26 MGM/Columbia Pictures

007Bond

Here's another one used in a lot of brute force dictionaries. "007Bond, 007Goldfinger, 007BondGirls... although easy to remember, none of these will keep you safe," Gazarek says.

img3553.jpg
16 of 26 Leslie Gornstein for ZDNet

Whatever your cat's name is

Common pet names are easily cracked right now, says Andrew Newman, CEO of Reason Software Company. That goes for popular names such as Smokey or BabyGirl; or less common pet names, such as Keppie (seen here being WAY too complacent about her password).

startrekdiscoveryhero-pngcopy.jpg
17 of 26 Courtesy of CBS Television Studio, CBS

NCC1701D

That's the registry number for the Federation ship Enterprise ... but the call letters for the spanking-new Discovery (NCC-1031) probably aren't much safer.

shutterstock87247558.jpg
18 of 26 Shutterstock/Featureflash Photo Agency

Princess

"These [terms] are all in any password dictionary used by hackers," says Matt Devost, managing director of Accenture Security.

Keep reading for still more terms that are way too popular right now ... both for users and for hackers, according to our security experts.

Related Galleries

Linux turns 30: The biggest events in its history so far
05-debian.jpg

Related Galleries

Linux turns 30: The biggest events in its history so far

31 Photos
Chromebook shipments, cloud spending, data quality concerns, and more: Tech research roundup
Millennial casual businessman thinking and looking at laptop in office

Related Galleries

Chromebook shipments, cloud spending, data quality concerns, and more: Tech research roundup

7 Photos
Azure Synapse Analytics data lake features: up close
azure-ml-integration-via-notebook.png

Related Galleries

Azure Synapse Analytics data lake features: up close

19 Photos
Top programming languages, 5G worries, cloud computing, and more: Research round-up
gsa-status-of-5g-by-country-end-2019.jpg

Related Galleries

Top programming languages, 5G worries, cloud computing, and more: Research round-up

12 Photos
IT spending, cloud computing, big data, virtual reality, and more: Research round-up
racial-and-ethnic-composition-by-religious-group.png

Related Galleries

IT spending, cloud computing, big data, virtual reality, and more: Research round-up

12 Photos
Provision a WordPress site in 30 minutes or less using Amazon AWS Lightsail
01-lightsail.jpg

Related Galleries

Provision a WordPress site in 30 minutes or less using Amazon AWS Lightsail

30 Photos
Julia programming language, cloud computing, cybersecurity worries: Research round-up
industrycloud-infographic.jpg

Related Galleries

Julia programming language, cloud computing, cybersecurity worries: Research round-up

12 Photos