Here Are 10 Passwords You Should Never Use

Level up your online security by avoiding these common and easily hackable passwords.

ESB Professional/Shutterstock

When the internet first came around, most people had one password they used for just about everything. That was, of course, when everything didn't have an accompanying online account. Now, between email, social media, banking, shopping, streaming services, work logins, travel accounts, discount accounts, and whatever else you are doing online (none of my business), the average person is logging into at least a few different sites every day.

And according to a recent report from ExpressVPN, about 44% percent of people admit that they are using pretty weak passwords for their accounts. Additionally, the average person uses the same password for six websites and/or platforms. What's even more concerning is that many of us use personally identifiable information in our passwords.

Courtesy of ExpressVPN

Even if you feel that you have a pretty difficult password to guess, it's never a bad idea to do a quick diagnostic of your cyber security. For starters, below are 11 passwords or components of passwords that you should avoid using from here on out.

  • 123456 is one of the most common passwords in the world. The easier your password is to type, the easier it is to hack.
  • Password is a popular password with English speakers.
  • qwerty is another popular password with English speakers. In France, because the keyboard is different, the variation of this is "azerty." It would be best to avoid both.
  • iloveyou is one of the most common passwords used in the United States.
  • First names are used in 43% of passwords. Don't use your name in your passwords!
  • Last names are used in 40% of passwords. Do not use your name in your passwords!
  • Date of birth is used in about 43% of passwords. Think about it. Anyone who knows you could probably guess this one.
  • Social Security numbers are used in 30% of passwords. If someone gets access to this password, they could feasibly take over your entire life.
  • Phone numbers are used in 32% of passwords. Like names and birthdays, someone would only have to know a bit of you to take over your Netflix account.
  • Pet's names are used about 43% of the time. In this case, anyone at your dog park could take a stab at your login information.
     

And I'll be honest. I've been guilty of using some of the above combinations on accounts in the past. My MySpace page from middle school probably could have been hacked by a toddler. But, now that the stakes are higher than a Top 5 list, it's probably best we all get a bit more creative with our security.

For World Password Day, which falls on May 5, consider updating your password. ExpressVPN has a few key recommendations.

  • Make your passwords at least eight characters long, though 12 to 15 characters is considered the ideal range.
  • Randomize your password. The less meaning the password has, the harder it is to hack. You can use a random password generator online if coming up with one on your own doesn't feel random enough.
  • Finally, to make sure each of your accounts is safe, you should use a unique password on each account.


I know, I know. Some of this sounds a bit painstaking. But as someone who has had their passwords end up in large data leaks, it's easier to reset passwords now rather than try to recover stolen information later.

Want more Thrillist? Follow us on Instagram, Twitter, Pinterest, YouTube, TikTok, and Snapchat.

Opheli Garcia Lawler is a staff writer at Thrillist. Follow her on Twitter @opheligarcia and Instagram @opheligarcia.