Passwords are a necessary evil in today's world. We need them for everything from our favorite social network to accessing online banking. They have to be long enough to be safe from malicious attempts. Yet they also have to be memorable.
Now some of us may be able to memorize a random 20-character string full of letters, numbers and special characters. However, most will never be able to remember them, with the super secure password ending up on a sticky note on your desk.
While we search for viable solutions to this problem, let us look at some amusing words and phrases that have gone down in history for various reasons. Some services will consider these unsafe and not allow you to use them, but I should still warn you. Do not use these passwords. It is pretty much guaranteed that you will eventually be hacked if you do.
The threat of nuclear war has haunted the world for over half a century. However, it was never as real and potentially devastating as it was during the cold war. Back then, a single accidental launch from either side of the Iron Curtain would have meant the literal end of the world. Mutually Assured Destruction.
However, we felt safe in the knowledge that the launch mechanism was protected by competent professionals, with all sorts of protocols in place and solid, unbreakable passwords. The shocking truth was that until 1977, the nuclear launch code was simply 00000000.
Think about that for a minute. The only place in the universe where life is confirmed to exist, was 1 character repeated 8 times away from being completely annihilated. When I first read about this, I assumed it was a joke, but digging deeper, I realized that this really happened.
This code was apparently chosen so that a few seconds could be shaved off when responding to an attack by the Soviet Union. That is a plausible explanation, but was it worth the risk? After all, they did eventually change it.
Almost as frightening is the fact that in our leaked passwords database, this password was used by a whopping 197,693 accounts. And this is just the accounts that were compromised. Who knows how many other people are still using 00000000.
We have no idea how secure the passwords used by today's military are. No doubt they must be a lot stronger than this. However, all it takes is one weak code to break the chain of security. Let's just keep our fingers crossed.
Leaked passwords count: 197,693
In the early days of the Internet, before phishing scams, clickbait and spam, users displayed a certain level of innocence that some still remember fondly. Like the time I received a little application via email, claiming to be a gift. Upon clicking it, it ejected the computer's CD drive and the message "Here is a cup holder" popped up on screen. We now know better than to open any such email, let alone an executable attachment.
Then there was the forwarded link to the website that claimed to show you information on any three of your crushes. Upon entering the names, it would send the names to the friend who forwarded the link and encourage you to play the same prank on your friends. That made for some very angry messages from friends who became my victims.
Unwittingly revealing the name of your crush is one thing. Telling someone your password and not knowing that you did is on another level. Nothing epitomizes that innocence more than this IRC chat:
<Cthon98> hey, if you type in your pw, it will show as stars <Cthon98> ********* see! <AzureDiamond> hunter2 <AzureDiamond> doesnt look like stars to me <Cthon98> <AzureDiamond> ******* <Cthon98> thats what I see <AzureDiamond> oh, really? <Cthon98> Absolutely <AzureDiamond> you can go hunter2 my hunter2-ing hunter2 <AzureDiamond> haha, does that look funny to you? <Cthon98> lol, yes. See, when YOU type hunter2, it shows to us as ******* <AzureDiamond> thats neat, I didnt know IRC did that <Cthon98> yep, no matter how many times you type hunter2, it will show to us as ******* <AzureDiamond> awesome! <AzureDiamond> wait, how do you know my pw? <Cthon98> er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw <AzureDiamond> oh, ok.
Immortalized in IRC history, hunter2 became an iconic password used in a number of memes and online discussions.
It would be easy to say that people are not so gullible these days. Who would be stupid enough to reveal their password or pin code to anyone? Sadly, there is no shortage of such people. Be convincing enough and people will give out info that banks, or even Google, do not have. Please try not be one of them.
Leaked passwords count: 17,124
ncc1701, or NCC-1701 to be precise, is the registration number of the Constitution Class USS Enterprise from Star Trek. Along with its variations, such as ncc1701a, the designation used in later Star Trek movies, this is quite a popular password among Trekkies.
Though memorable and iconic, it is a short and simple password that is easily crackable. Probably something you wouldn't even dream of using in the 23rd century, though by then, there likely would be much better ways of authentication that we haven't even thought of yet.
Leaked passwords count: 54,319
You know your brain needs a workout, when the best password it can come up with is the word "password". It is also one of the first things anyone would try when attempting to crack a login. For this reason alone, it is likely the most insecure and harmful password in this list.
If this is what you chose, you might as well just welcome everyone into your account without any authentication whatsoever.
Besides its notoriety, "password" is a simple 8-character dictionary word, without any digits, special characters or uppercase letters. It is too short, very weak and trivial to crack. Avoid at all costs.
Leaked passwords count: 3,730,471
In Soviet Russia, passwords ask for Chuck Norris.
Chuck Norris can login anywhere just by typing ********* as the password.
When Chuck Norris chooses a password for his login, the prompt says "Password too strong".
This is Mr Chuck Norris. The man who became a legend and spawned countless jokes about his badassery. No doubt his name is worthy of a powerful and invincible password. However, when the world's most popular social network uses it, alarm bells should be ringing.
While we are pretty clear how Facebook treats our private data, it is still shocking that at one point, it had a master password that employees could use to login to any profile. This password was off course, Chuck Norris, though spelled using a combination of uppercase letters, lowercase letters, numbers and special characters.
Who else would have no trouble logging into any account? This is one legend nobody can mess with. Oddly enough, only seven people used this password in the leaked list. The only logical explanation is that for fear of Mr. Norris himself, the password leaked itself. That too, seven times.
Leaked passwords count: 7
We humans are simply not designed for numbers larger than a few hundred maybe. This is possibly why we find long digits so intriguing and so often believe that they alone can keep us safe. When it comes to computers however, especially passwords, numbers are way easier to deal with than letters.
Think about this, even if you used any 6 random digits, there are 1 million possible combinations. With 6 random letters, this figure is 308,915,776 and that is just for lowercase letters. So 123456 may look clever to you, but even "baboon" would be a much better choice. It will require 300 times more processing power to brute force it. Not that we recommend it, being a dictionary word and still taking mere seconds to crack.
Being a sequence of six consecutive digits makes 123456 even easier to guess. By now, it is near the top of password cracking databases and no brute forcing is even necessary.
The sad fact is that this is the choice of millions of people, topping this list with a whopping 23.5 million leaked passwords count.
Leaked passwords count: 23,547,453
Most of us believe ourselves to be much much smarter than we really are. And what better way to prove how wiley we can be, than to come up with an ingenious password that none of the few billion other people on earth would think of.
Countless people believed that punching in the first four numbers, alternating with the first four letters on a Qwerty keyboard, would make for an unbreakable, yet easy to type password. Needless to say, it is a terribly insecure password that is too short, lacks any special characters or uppercase letters and is now in most password databases. A password cracker will take a split second to break it.
Leaked passwords count: 655,405
It has become somewhat of a cliche to use your pet's name as the one barrier protecting your most intimate conversations and data from others. Imagine the most powerful individual in the world making this mistake.
This is exactly what Bill Clinton, the President of the United States of America from 1993 to 2001, did in 2000 for a smart card encryption key. To top it off, he shared the password with the rest of the world.
Luckily, the key was not meant for anything as sensitive as military weapons or personal photos and someone would have to get their hands on the card to even be able to do anything with it.
Though quite popular despite getting into trouble, President Clinton was not exactly a role model figure. And it was a different time. However, imagine the great example he could have set by using something long and difficult.
Leaked passwords count: 3,022
Since we are talking about interesting passwords, this one makes the list, despite being the least popular one. Only four accounts used it from our database of leaked passwords.
Part of the One Thousand and One Nights, also known as Arabian Nights, the folk tale of Ali Baba and the Forty Thieves sees Ali Baba, a poor woodcutter, learn the password to enter a treasure filled cave belonging to 40 thieves. He takes some of the treasure home and keeps the find a secret. However, his greedy brother gets wind of it and forces Ali Baba to reveal the password.
The brother goes to the cave and starts loading up the treasure, but in his excitement, he forgets the password and gets trapped inside. Once the thieves return, they murder him and then go after Ali Baba.
The tale is a classic one and the phrase "Open Sesame" pops up in countless places, such as movies, cartoons and popular culture. Who can forget Popeye's variation of "open says me". The lesson from the tale of Ali Baba is quite obvious: Don't forget your password.
Leaked passwords count: 4
This one is more of a genuine mistake, or possibly just an honest statement, but people do use the phrase "forgot password" as their password. I doubt anyone would choose this deliberately. Most likely, they mistook the signup page for the login page. Or typed the help query in the wrong field.
It should be pretty obvious to everyone by now that if you really have forgotten your password, in virtually all cases, you just need to click a link to recover it. In any case, this is an interesting one.
Leaked passwords count: 10
Just like the first password in this list, the last one is also a sequence of the same digit, repeated 8 times. This one is very popular in the world's most populous country, China.
In Chinese culture, as well as many other Far East nations, the number eight has a special significance. It is associated with wealth and good fortune and is therefore used for everything from scheduling important events, to buying everyday items.
The Summer Olympics in Beijing for example, began at exactly 8 minutes and 8 seconds past 8pm on 8th August 2008. In short, at 8:8:8 on 8/8/8. And in 2003, Sichuan Airlines paid $280,000 for the phone number +862888888888.
Naturally, many people who believe in its luck, use eight for passwords. Wifi terminals in China can often be accessed just by using 88888888 as the key.
Unlucky for them, it is trivial to crack and will likely be the first one attempted by a hacker from Asia, or one who is familiar with the culture..
Leaked passwords count: 303,921
It was a lot of fun to compile this list and the stories behind each password are very interesting indeed. However, they have to be treated as mere amusement or cautionary tales. Not as a list of ideas if you are having difficulty selecting a memorable password.
Remember to follow the secure password guidelines when selecting one.