This is something of a different year-end list, and one you should probably take a peek at. For nearly a decade, digital security company Splash Data has released a list of their top 100 hackable passwords for the year. Although the list changes slightly from year to year, the most hackable passwords seem to stay pretty static. And yet people just don鈥檛 seem to learn! With a new year about to begin, there鈥檚 no better time than now to make sure your password is unhackable in the new year.

Using over 5 million hijacked passwords that were made public over the past 12 months, (except those stolen from adult websites and any swiped during the Yahoo hack), Splash Data hopes to get people thinking about internet security by releasing the list each year. But what passwords are on the list?

The top ten are actually really surprising, considering these are passwords no one should still be using. In 10th place, 鈥榠loveyou,鈥 followed by 鈥榝ootball,鈥 鈥1234567鈥 and 鈥榣etmein鈥 in spots nine, eight and seven (a new seventh place for this password). New in at number six is 鈥123456789鈥 and fifth place sees 12345 which has dropped two spots. Fourth place sees 鈥榪werty鈥 up two from 2016, and third place goes to 鈥12345678.鈥 Second spot, unchanged from last year, is, shockingly, 鈥榩assword.鈥 And the number one most hackable password in 2017 is 鈥123456鈥 鈥 for the fourth year in a row.

If these passwords surprise you, or if your password is on this list, one of the best ways to make your password unhackable, is to use a three or four-word string. Even though many sites do ask for a symbol and a number, that should be going away as length, not complexity makes a strong password. Not quite a sentence, but some easy to remember words, in the right order is something very difficult for hackers and bots to figure out. Some strong examples of this are 鈥榙ogcarapplegame鈥 or 鈥榬obotlotionhappy.鈥

Obviously, when possible two-step authentification is the way to go when it comes to securing your stuff, but not all websites offer this service. And remember, that top 100 list that Splash Data put together has a lot of pop culture references on it, so avoid words that may have significant meaning to the times, like 鈥榙ragon鈥 (GoT much?), 鈥楯ordan23鈥 or even sports team names.

Have you ever been hacked? Tell us @BritandCo!

(photo via Getty)