Each year, SplashData evaluates millions of leaked passwords to determine which passwords were most used by computer users throughout the year. SplashData has been a leading provider of password management applications for over 15 years.

This year, they published an annual list of 100 worst passwords. Here you will find the top 25 worst passwords. In 2019, the “qwerty” password was popular again, and for the seventh year in a row, “123456” turned out to be the leader of the ranking.

SplashData’s “Worst Passwords of 2019” List:

  1. 123456 (rank unchanged since 2018)
  2. 123456789 (up 1)
  3. qwerty (Up 6)
  4. password (Down 2)
  5. 1234567 (Up 2)
  6. 12345678 (Down 2)
  7. 12345 (Down 2)
  8. iloveyou (Up 2)
  9. 111111 (Down 3)
  10. 123123 (Up 7)
  11. abc123 (Up 4)
  12. qwerty123 (Up 13)
  13. 1q2w3e4r (New)
  14. admin (Down 2)
  15. qwertyuiop (New)
  16. 654321 (Up 3)
  17. 555555 (New)
  18. lovely (New)
  19. 7777777 (New)
  20. welcome (Down 7)
  21. 888888 (New)
  22. princess (Down 11)
  23. dragon (New)
  24. password1 (Unchanged)
  25. 123qwe (New)

For the first time in the history of the SplashData rankings, the password “password” was not included in the top three most popular ones – “qwerty” took over. Passwords like “princess” (went 11 lines down) and “welcome” (7 lines down) substantially lost their positions. The “donald” password that appeared in 2018 completely disappeared from this year’s rating.

“Invoking the name of the president or any other celebrity as your password is a dangerous decision, one that hackers will exploit and put you at substantial risk of having your identity stolen,” said Morgan Slain, CEO of SplashData, Inc.

At the same time, new options appeared on the list: “1q2w3e4r,” “qwertyuiop,” “123qwe,” “dragon,” “lovely,” and “7777777.” Passwords “123123” and “qwerty123” became more common. The ranking of the worst passwords of 2019 made by SplashData specialists was based on an analysis of more than five million combinations used by the residents of North America and Western Europe that were leaked.

Our hope by publishing this list each year is to convince people to take steps to protect themselves online, and we think these and other efforts are finally starting to pay off.

SplashData offers three simple tips to be safer from hackers online:

  1. Use passphrases of twelve characters or more with mixed types of characters.
  2. Use a different password for each of your logins. That way, if hackers get access to one of your passwords, they will not be able to use it to access other sites.
  3. Protect your assets and personal identity by using a password manager to organize passwords, generate secure random passwords, and automatically log into websites.