Most Popular 2012 Passwords Revealed

by FBI IC3

iStock_000011533270XSmall recently published the following information regarding the most popular 2012 passwords on the web. The ranking was based on password information from compromised accounts posted by hackers online. The article was also featured on

This year, the list is back! So it’s time to see how, if at all, users have learned their lessons about what makes a strong password.

Here’s the full list and how it compares to last year’s:

# Password Change from 2011
1. password Unchanged
2. 123456 Unchanged
3. 12345678 Unchanged
4. abc123 Up 1
5. qwerty Down 1
6. monkey Unchanged
7. letmein Up 1
8. dragon Up 2
9. 111111 Up 3
10. baseball Up 1
11. iloveyou Up 2
12. trustno1 Down 3
13. 1234567 Down 6
14. sunshine Up 1
15. master Down 1
16. 123123 Up 4
17. welcome New
18. shadow Up 1
19. ashley Down 3
20. football Up 5
21. jesus New
22. michael Up 2
23. ninja New
24. mustang New
25. password1 New

As you can see, people haven’t changed their password habits a whole lot in a year.

If your password is included on that list, or is a close variation of these passwords, it’s really important to take action now!

Fixing your password problem can be very simple;

Long is strong: The longer the password, the more difficult it will be for someone to try and crack it using brute force. So, instead of a single word, with a jumble of symbols, numbers and characters, try a string of words. Use a line of your favorite poem, song or just something memorable. Feel free to add your lucky number at the end if you like.

Something like: “withnodirectionhome1085″.

A famous Dylan lyric like this will always be easy to remember, and say you were born in October 1985. This means that you’ve suddenly got a 23 character password, which is much harder to crack than something much harder to remember such as “Phu!R7tRjX”.

Variety is the spice of life: The trouble with smaller, complex passwords is that they can be a real hassle to remember, often forcing you to use the same password for multiple accounts which is never a good idea. So another benefit of having long, easy to remember passwords is that you keep many passwords.


The IC3 was established as a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to serve as a means to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate.