These are the 10 worst passwords — is yours on the list?

Yahoo Life is committed to finding you the best products at the best prices. Some of the products written about here are offered in affiliation with Yahoo. We may receive a share from purchases made via links on this page. Pricing and availability are subject to change.

Avoid common password mistakes, such as writing down your passwords on a sticky note. (Photo: Getty)
Avoid common password mistakes, such as writing down your passwords on a sticky note. (Photo: Getty)

The largest-ever data breach, which took place this past winter, resulted in the exposure of more than 3.2 billion unique email addresses and passwords. Yep, that’s billions with a ‘b.’

IBM reported that 4 in 5 breaches involve compromised credentials — otherwise known as weak or stolen passwords. The report goes on to estimate that the average cost of each data breach is $3.5 million. What’s worse, the average time it takes to detect and contain a breach is 280 days.

In the wake of such high-profile hacks, it’s time to start changing the way we secure our online accounts. Although complex passwords can be very secure, creating and remembering them can be a challenge.

According to a Secure World, a cybersecurity website, these are the worst passwords of 2020 (see if any of yours make the list):

  1. 123456

  2. 123456789

  3. picture1

  4. password

  5. 12345678

  6. 111111

  7. 123123

  8. 12345

  9. 1234567890

  10. senha (which is the Portuguese for password)

Try LastPass Premium, part of Yahoo Plus Secure, risk-free for 30 days.

Your online activities are more secure when you create strong passwords for your accounts. A strong password makes it more difficult to hack into your account and steal your information. When it comes to creating more secure passwords — also known as password hygiene — there are some tips to keep in mind, such as using:

  • a combination of letters, numbers, and symbols

  • different passwords for different sites

  • an easily remembered word or phrase

  • a password that is at least 8 characters long

  • a password that uses every letter of the alphabet

  • a password that uses at least one number and one special character

Creating strong passwords makes it harder for people to hack your accounts. (Photo: Getty)
Creating strong passwords makes it harder for people to hack your accounts. (Photo: Getty)

Password hygiene means ensuring that your passwords are hard to guess and that they are well-chosen. Consider using a password manager like LastPass Premium if you find it difficult to come up with a secure password. Why? LastPass Premium is software that helps create stronger passwords and stores them for you.

Using a password manager from the get-go is helpful because the passwords people come up with themselves aren't always secure, which can leave them vulnerable to hackers. “Following password recommendations will only give the individual user the illusion of security, but if they are phished or there is a breach, then adding more characters or using a password manager will be of no help,” Jasson Casey, chief technology officer of the cybersecurity and identity management organization Beyond Identity, tells Yahoo Life.

Casey explains that “passwords are fundamentally flawed for a number of reasons. They are difficult to keep safe, long and burdensome to remember, and easily susceptible to breach or attack.”

He continues: “The only 'strong' password is a computer-generated cryptography key pair, i.e. no password. The top practice is to move to passwordless authentication. Unlike shared secrets, passwordless authentication eliminates passwords altogether, leaving no credentials for hackers to steal.”

Try LastPass Premium, part of Yahoo Plus Secure, risk-free for 30 days.

Using a password manager is helpful because the passwords people come up with themselves aren't always secure. (Photo: Getty)
Using a password manager is helpful because the passwords people come up with themselves aren't always secure. (Photo: Getty)

Passwordless authentication has long been a practice among IT professionals, yet it's something most people aren’t aware of. According to Duo, "biometrics [such as a fingerprint], security keys, and specialized mobile applications are all considered 'passwordless' or 'modern' authentication methods."

The World Economic Forum sees passwordless authentication as the future of online security. When there are no passwords for criminals to obtain, the chances of illegal access to private information are drastically lower, which translates into a frictionless, more secure web experience.

Until passwordless authentication becomes the norm, people can practice better password hygiene by thinking of longer, stronger passwords —or better yet, by utilizing a password manager to help create, manage, and store complex, hard-to-guess passwords.

Try LastPass Premium, part of Yahoo Plus Secure, risk-free for 30 days.

Read more from Yahoo Life:

Follow us on Instagram, Facebook, Twitter, and Pinterest for nonstop inspiration delivered fresh to your feed, every day.