Common Problems

As IT security consultants, one of the first things we address with organizations during a Risk Assessment is password management.  Most companies have a pretty strong grasp of “strong-password” requirements, or at least we have been lucky enough to find the fortunate few.

A recent study released by SplashData compiled a list of the 25 most common passwords used to lock down online accounts. The list was compiled from over 1 million stolen passwords reported in 2013, and as evidenced by the creativity of our fellow citizens, Praetorian Secure will continue to make password management a mainstream part of our risk assessment process.

Here are the Top 25 Most Common Passwords of 2013:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. abc123
  6. 123456789
  7. 111111
  8. 1234567
  9. iloveyou
  10. adobe123
  11. 123123
  12. admin
  13. 1234567890
  14. letmein
  15. photoshop
  16. 1234
  17. monkey
  18. shadow
  19. sunshine
  20. 12345
  21. password1
  22. princess
  23. azerty
  24. trustno1
  25. 000000


After reading this list, it is clear that using passwords related to the application or website they are used for is common practice. I certainly hope our friends in the banking and defense industry are a little more stringent with their requirements — though after supporting some of these entities in the past, I know better!
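The two patterns visible in the list, reused common strings and passwords named after the product, can both be rejected when a password is set. The following is an added example, not code from SplashData or Praetorian Secure; the function name, the substitution table and the context words are assumptions chosen for illustration.

```python
import re

# The 25 passwords listed above, used here as a minimal denylist.
COMMON_2013 = frozenset("""
123456 password 12345678 qwerty abc123 123456789 111111 1234567 iloveyou
adobe123 123123 admin 1234567890 letmein photoshop 1234 monkey shadow
sunshine 12345 password1 princess azerty trustno1 000000
""".split())

# Assumed substitution table for undoing common character swaps.
LEET = str.maketrans("013457@$!", "oieastasi")


def check_password(candidate, context_words=()):
    """Return a list of reasons to reject candidate (empty list = accepted)."""
    reasons = []
    lowered = candidate.lower()
    # Drop trailing digits/symbols so "Password2013!" reduces to "password".
    base = re.sub(r"[\d\W_]+$", "", lowered)

    if lowered in COMMON_2013:
        reasons.append("common")
    elif base in COMMON_2013:
        reasons.append("common-with-suffix")

    # Context check: product, site or company names inside the password,
    # compared against both the raw and the de-substituted form.
    folded = lowered.translate(LEET)
    for word in context_words:
        w = word.lower()
        if len(w) >= 3 and (w in lowered or w in folded):
            reasons.append("context:" + w)
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs for a hypothetical signup form whose
    # context words are the product names that appear in the list above.
    context = ["Adobe", "Photoshop"]
    for pw in ["adobe123", "Ph0t0sh0p!", "Password2013!",
               "correct horse battery staple"]:
        print(f"{pw!r}: {check_password(pw, context) or 'ok'}")
```

In practice the 25-entry set would be replaced by a much larger breached-password list, and the context words would include the organization's own name, product names and the user's account name.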