Choosing a password is a delicate matter. On the one hand, you want to make sure it’s something you’re likely to remember (especially if you have multiples!), yet on the other, you don’t’ want to be predictable, lest you wind up with oh, say, one of the most leaked Twitter passwords in the event of a hack (and yes, 123456 is one of them!).


In case you’re still struggling, Splash Data has released its annual list of the most popular stolen passwords of 2015, offering you a glimpse into what not to choose.

Comprised of more than two million hacked choices, ranked by popularity, below we give you the top 25 no-nos. (Hint: They’re not the most creative gems around.)

1. 123456

2. password

3. 12345678

4. qwerty

5. 12345

6. 123456789

7. football

8. 1234

9. 1234567

10. baseball

11. welcome

12. 1234567890

13. abc123

14. 111111

15. 1qaz2wsx

16. dragon

17. master

18. monkey

19. letmein

20. login

21. princess

22. qwertyuiop

23. solo

24. password

25. starwars

Computer Security: Reconstructing Shredded Document Listing Userids and Passwords

Moral of the story? Don’t use series of numbers, sports or anything about Dragon Master, got it? Splash Data also recommends using passwords that are 12 characters or more, mixing them up (i.e. numbers with letters, caps with lowercase) and password managers.

Duly noted!

Are you guilty of choosing any of the terms on this list? Share with us over @BritandCo!

(h/t IFL Science, photos via Getty)