Worst passwords of 2017: Do you have one of them? 

  • Najja Parker, Atlanta Journal-Constitution
Dec 20, 2017
Leon Neal/Getty Images

Many sites require a password to login. While users are encouraged to create strong choices, some codes are still stolen. So which combinations are the worst?

>> Read more trending news 

SplashData, a company that provides security applications and services, recently conducted a study to find out. By using data from 5 million leaked passwords from users in North America and Western Europe, the site compiled its annual “Worst Passwords of the Year” list.

The No. 1 most used password was “123456”, followed by “Password.” Those two took the top two spots last year, too. 

Third place went to “12345678,” “qwerty” was No. 4 and “12345” was No. 5, which was down two spots from last year. 

>> Related: If your password is on this list, you need to change it now

While there were several repeats from 2016, there were also some first time offenders on the round-up. One included “starwars,” which was No. 16 and another was “dragon,” which was No. 18. 

So what’s the best way to prevent a hack attack? Researchers recommend using a combination of 12 characters with a mix of upper and lowercase letters. They also suggest changing them for various websites. 

>> Related: Equifax, software maker blame each other for opening door

Take a look below for the 20 worst passwords of 2017.

1. 123456 

2. Password 

3. 12345678 

4. qwerty 

5. 12345 

6. 123456789 

7. letmein 

8. 1234567 

9. football 

10. iloveyou 

11. admin 

12. welcome 

13. monkey 

14. login 

15. abc123 

16. starwars 

17. 123123 

18. dragon

19. passw0rd 

20. maste