Top 10 passwords 2008

David Naylor

· General

I just had a client send me a password, which I have told them they need to change, what made me laugh was Becky my wife said “it’s better than the old password” which was password .. lol, then that reminded me of the top 10 passwords ..
darkreading had these top 10 passwords :

1. (username)
2. (username)123
3. 123456
4. password
5. 1234
6. 12345
7. passwd
8. 123
9. test
10. 1

Threadwatch had in 2007

1. password
2. 123456
3. qwerty
4. abc123
5. letmein
6. monkey
7. myspace1
8. password1
9. blink182
10. (your first name)

modern life is rubbish has a UK List in 2006 :

1. 123
2. password
3. liverpool
4. letmein
5. 123456
6. qwerty
7. charlie
8. monkey
9. arsenal
10. thomas

But across europe the top 10 is still

1. Password
2. 12345
3. Football Club
4. Partners Name
5. letmein
6. Monkey
7. Own name
8. 1234
9. Qwerty
10. First school or Colour

and people wonder why their Blogs get hacked !!


We'd love to hear from you!

If you think Bronco has the skills to take your business forward then what are you waiting for?

Get in Touch Today!


  • Michael Fridman

    To be fair, though a top 10 list will have stupid passwords only, it can represent only 1% of the total passwords in a database.

  • Josh Garner

    letmein…lol. That’s my new password.

  • 4eyes

    Across Europe the #6 password is ‘monkey’ ????

    Seems unlikely to me.

    * They all started speaking English
    * Monkey means ‘password’ in Esperanto, French, German, Italian or Spanish
    * Johnny Vegas is better known than I suspected
    * The survey had a flaw

  • qwerty

    Good thing I don’t use my name. It’d be doubly stupid.

  • SEO Ranter

    Ahahaha. aha. hahahaha hahaha, haha HA HA HA. Oh dear..

  • SEO web hosting

    The easiest thing to remember when you combine safety is someone’s name along with some birthdays (the actually dates). Combine two different people and you can easily remember them and no one should be able to figure it out (sammy0514).

  • pKay

    LOL monkey!!! I have not thought of that one lol

  • Shaun

    Kind of flawed to look at it this way, as Michael said.
    If you have a good password, the chances of it being duplicated are slim to none. If you have 100 users, 2 of them use 1234 as their password, and all the others are good passwords, suddenly 1234 becomes the #1 password and everyone shakes their head at how horrible peoples’ passwords in general are.

    That said, a lot of people use stupid passwords.

  • Binny V A

    I find these password used often as well

    Password (Capital P)

  • Krunal Chauhan

    Wow, they were cool 😉 i think i should create one site/blog for how to create strong passwords

  • Geoserv


    Thankfully my password isn’t listed here.

    VOTED for you at:

  • ramsey

    @SEO Web Hosting

    That’s not true. You should pick a password that is random letters, number and special characters. Using a password that is someones name and some numbers is not nearly as secure but far better than “monkey” 😛

  • David

    I see this sort of thing all the time at my work (I work for an ISP). You wouldn’t believe the amount of people who think that [username]123 won’t be guessed…

    And as for ‘letmein’… well that’s the password for a former colleague’s Adwords account. Oh man…

    Anyway, in order to have complicated passwords that I can still remember, I created a system where I make up passwords using a pool of smaller groups of letters/words. The order they’re in depends on what the password is for, so if I forget it I can still figure it out.

  • Money Ideas

    Damn, people are so stupid sometimes.
    How can somebody have “password” for password in 2008?

  • Igor The Troll

    DaveN, I bet your password is DaveN. 😉

  • Dubistdoof

    Taking in consideration that english is not the the most spoken first language in europe. That european keyboards are not necessarily qwerty but qwertz and different combinations according to the languages. I would check the points you present as facts.

  • IceMan

    letmein was the standard password shipped with sage accounts

  • Mike Williams

    We often suggest that our users define a phrase that they can remember and then take either the first letter of each work in that phrase, the first from he first word, second from the second work etc. or some other combination. It generates a combination of random letters that becomes difficult to ‘guess’ but relatively easy to remember.

    Don’t just shop. Get paid to shop!

  • richard

    How do you knoww that people are giving you the real password. If asked in a survey I would give a password, but not one I use

  • Broadcast Media Support Person

    Current favourites here are :

    To put it on a Post-it note and cellotape it to your laptop or screen.

    And we’re going Sox soon!!!!!!!

    What do you expect, some of these people only earn £150,000 a year!

  • James Hall

    On the USB Storage front just buy an IRONKEY !! ( …10 password tries to get into the device..get it wrong and it destroys itself so you only need a 4 digit password and that would be considered strong !! That way a PIN would do. Also the PERSONAL version contains a password manager that maens that for web based login you can have the most complicated passwords you want (it has a password generator on board). Just generate one, paste it in the site, the IronKey then saves the password on the device. This way you have secure passwords, which the IronKey remembers and you don’t have to – all on a hardware encrypted USB device which of course is portable…and the device itself has an easy but strong password. What could be better and that 🙂

  • Tim WMB

    There was an article recently about a Government minister whose blog had her first name as her userid and her surname as her password. And she is in charge of a very large budget.

  • not so stupid

    I know an idiot man who used his name backwards….

    …. he was up to no good and luring lonely stupid women to meet him in parking lots to act out his fantasies.
    Beware of friendly perverts ….liars and sick!

  • ray

    i was told monkey is half english half french
    mon= my (french)
    key= key/ code (english)
    Its pretty cool pswd for back then imo

  • Melville

    Passwords should be at least 10 characters long. Mix it up with numbers and symbols or spell it wrong, there is dictionary scans for passwords so make sure it is not out of the dictionary.There is also a brute force scan that can trace smaller passwords which is why 10-12 character passwords is key, it would take many many years to scan 12 characters, as long as its not from the dictionary. Don’t use your family members names, including any pets or birthdays. Never, never leave your password under your key board or on a sticky note stuck to your monitor. Finally, never have your password hint the actual password !!!!!

    I hope this is useful.

  • Hummer

    Most common I know are

    changeme1! or 1$
    Y r U using this acc0unt?