Blockchain Blog

Password Strategies: The Good, The Bad, and The World's Worst

Do you remember the first online password you ever used? Chances are it probably wasn’t all that secure. Fast forward to today, there’s no shortage of credible, easy to digest information about safe passwords and online security available. In spite of this, the use of weak password strategies still continues to prevail.

To help ensure your passwords do their job as your first line of defense, we’re here to explain how valuable a strong password strategy is and show you common weaknesses shared by the world’s worst, most horrible, no-good, very bad passwords. Did we mention they’re downright despicable?

Illustration showing the results of weak password strategies on the left and strong password strategies on the right

The importance of strong password strategies

We’ve yet to know the full scope of data breaches worldwide, according to the ITRC. While users may not have the power to prevent every type of hacking or data breach, password choice is one among several preventative tools that are 100% in the user’s control.

On a noncustodial platform like ours, strong password strategies become even more valuable because your wallet credentials, which includes your password and 12-word backup phrase, are never stored on our end so we can’t recover them for you. Your choice of password and two-step verification method are two of the most effective ways you can be proactive about theft prevention.

Password management firm SplashData released its very first Worst Passwords List back in 2011. The passwords came from records of account data that had unfortunately been leaked and made public by hackers. Since then in an effort to encourage widespread use of stronger passwords, SplashData continues to release a new worst of the worst list each year.

Whenever you’re ready, prepare for some serious cringe as we look at the Top 10 Worst Passwords of 2016.

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. football
  6. qwerty
  7. 1234567890
  8. 1234567
  9. princess
  10. 1234

An example of weak password strategies using the overly attached girlfriend meme with text "My Password? It's my first name and your last name"

From extreme predictability to lack of character diversity and length, these passwords are unoriginal, indisputably weak and should never be used. Since the initial release of SplashData’s list, not too much has changed as far as which passwords grab the top spots. The reigning champion for multiple years in a row was “password” (yes, you read that right), which thankfully lost its first place title in 2013. Sadly, stealing the crown each year since has been the equally lackluster “123456”.

To view SplashData’s full list of the top 25 worst passwords of 2016, click here.

Where to go from here?

If any of your current passwords are reflected on the list above, it’s definitely time for an overhaul. Here are three building blocks to a strong password strategy any user can easily incorporate:

  1. Make it unique (and never use the same password twice)
  2. Use at least 16 characters
  3. Incorporate a healthy assortment of upper and lowercase characters, symbols, and numbers

For more strong password tips, check out this helpful and entertaining Last Week Tonight with John Oliver clip.

Have a solid password creation strategy but don’t have a Blockchain wallet? Sign up here!