There are articles released every year about bad password choices that everyday users make, and they make IT Tech’s cringe every time they read them. Why are bad passwords such bad news for IT techs? Simple. As IT experts, it’s their job to ensure the security of the business-related data contained on networks. Best practices have been repeated over and over to employees, yet, it seems like every now and then, there’s still someone out there who believes “123” to be a good password.

When it comes to creating bad passwords, the possibilities are almost endless. Every year, SplashData compiles the worst passwords of the year. Their methodology is quite simple: they take a list of the millions of passwords stolen during the year (the ones that were made public) and sort them by popularity.

Here’s a chart of the winners in 2018. Any of them look familiar? If you’re recognizing one of your passwords in this list, please, do everyone a favor. Go change it right now.

Presenting SplashData’s “Worst Passwords of 2018”:

Rank 2018 Password
1 123456 Unchanged
2 password Unchanged
3 123456789 Up 3
4 12345678 Down 1
5 12345 Unchanged
6 111111 New
7 1234567 Up 1
8 sunshine New
9 qwerty Down 5
10 iloveyou Unchanged
11 princess New
12 admin Down 1
13 welcome Down 1
14 666666 New

15 abc123 Unchanged
16 football Down 7
17 123123 Unchanged
18 monkey Down 5
19 654321 New
20 !@#$%^&* New
21 charlie New
22 aa123456 New
23 donald New
24 password1 New
25 qwerty123 New

As front-line technical support for many of our clients, an important part of our job consists of educating users about the importance of a strong and secure password. Business-critical data is just as important to the business you work for as your financial information is to you. What if anyone could access your bank account and make transactions? The same applies to business-critical data.

Our job at Partek is to ensure that are clients are a safe as possible and data is not compromised. That’s where the enforcing part comes in. Setting password-related rules is one of the numerous things IT departments must implement to ensure data safety. Other common practices include enforcing a certain password length, a combination of letters, numbers and symbols, as well as a mix of upper- and lower- case characters. Passwords should also be changed on a regular basis. Want a strong password? Use a site like https://strongpasswordgenerator.com/ to help you come up with a complex password that meets all of the above criteria.

Finally, storing your passwords is just as critical. We live and work in an age of passwords, so remembering them all is a burdensome task. Whatever you do though, don’t store your list of passwords in a plain text file on your computer or a Post-It note on your monitor. There are many great apps available to help store your many passwords, such as https://lastpass.com/ and http://keepass.info/