Connect with us


These 20 common passwords are being sold on the dark web

Seriously, if you have a password on this list, change it now.

Worst password 2020
Image: KnowTechie

A new report from cybersecurity firm Lookout (via CNBC) shows the 20 most common passwords leaked on the dark web, and they’re nasty. Really, anyone using anything on this list in 2022 should be ashamed.

The list ranges from common manufacturer defaults like “12345678” and “Password,” to easily-typed phases like “Iloveyou.” Sure, they’re easy to remember. It’s also easy to remember for millions of other internet users, so you’re leaving your accounts wide open.

It’s hard enough keeping your accounts safe with unique passwords. The number of data breaches in the U.S. hit a new record last year, 1,862 which is a 68-percent increase over the number in 2020.

20 most common passwords found on the dark web

  1. 123456
  2. 123456789
  3. Qwerty
  4. Password
  5. 12345
  1. 12345678
  2. 111111
  3. 1234567
  4. 123123
  5. Qwerty123
  1. 1q2w3e
  2. 1234567890
  4. 0
  5. Abc123
  1. 654321
  2. 123321
  3. Qwertyuiop
  4. Iloveyou
  5. 666666

Read it and weep. No really, if your password is on this list, assume every single account or piece of technology you own is breached. If not now, it’s only a matter of time.

READ MORE: What are smishing attacks and how can you avoid them?

The other thing to note here is that the default login password for many popular routers is ‘password.’ The other most common default is ‘admin,’ so please go set up a unique login password for your router.

It’s often the only piece of technology that stands between your home network and the rest of the internet; so securing it is important.

Passwords are dumb, hackers are smart

Password under magnifying glass
Image: SCMP

Again, if you’re still using one of the most common passwords that were found leaked on the dark web, it’s time to stop. Enroll in a password manager, like 1Password, LastPass, or even Apple iCloud Keychain.

It’s probably also a good idea to add two-factor authentication for any accounts that support it. Avoid using SMS two-factor though, as it’s insecure. A determined hacker can get your phone number cloned and intercept those.

You could also go the hardware-based authentication route. YubiKey is the most popular option here, and we really like that you can get one with a Keyport Pivot to store your house keys alongside your digital hardware key.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere. His hobbies include photography, animation, and hoarding Reddit gold.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in News