The 20 Most Commonly Leaked Passwords on the Dark Web

Don't make your username "username" either.
Don't make your username "username" either. / alengo/iStock via Getty Images

If you thought you were being extremely romantic by making all your online passwords “Iloveyou,” we’re sorry to say that you should probably be a little less basic in the future—when it comes to devising passwords, that is.

As CNBC reports, mobile security software company Lookout recently released a list of the 20 passwords that most often turn up in data leaks on the dark web. “Iloveyou” came in 19th place, right ahead of “666666.” Not great, but better, at least, than tapping “0” once and calling it a day; that single digit took 14th place. In general, people seem to be trying to make their fingers move across the keyboard as little as possible: “Qwerty” came in third, “Qwerty123” took 10th, and “Qwertyuiop” landed in 18th. And alternating the first few letters of the keyboard with the first few numbers is less revolutionary than you may have assumed, as “1q2w3e” is the 11th most commonly leaked choice.

The most popular trend within the list is a string of sequential numbers. “123456” took the top spot, followed by “123456789”—a great reminder that just because a password is long and includes numbers doesn’t make it a good one. Neither does choosing a word so obvious that you think nobody will ever guess it, like “Password,” which came in fourth place.

What does make a good password is absolute nonsense: a lengthy hodgepodge of letters, numbers, and special characters that won't reflect any of your personal information. See more tips for strong passwords here, and check out Lookout’s full list of leaked ones below.

  1. 123456
  2. 123456789
  3. Qwerty
  4. Password
  5. 12345
  6. 12345678
  7. 111111
  8. 1234567
  9. 123123
  10. Qwerty123
  11. 1q2w3e
  12. 1234567890
  14. 0
  15. Abc123
  16. 654321
  17. 123321
  18. Qwertyuiop
  19. Iloveyou
  20. 666666

[h/t CNBC]