
If you believe your password is safe simply because you don’t reuse it across multiple sites, know how to spot phishing attempts, and steer clear of infostealers—think again. Your password may be so weak that it could be cracked faster than you can finish reading this sentence. And if it appears on Huntress Security’s newly released list of the worst passwords, published on May 22, it’s time to sound the alarm.
It may sound alarming, but it’s true: automated password-cracking systems can guess predictable combinations in a fraction of a second. Even with major cybercriminal networks like Lumma Stealer dismantled, the greatest threat to your digital security isn’t a hacker; it’s you. Reusing the same password, choosing simplistic and convenient strings, and delaying updates all work against you.
Here are just a few examples from the list of the most commonly used—and therefore most vulnerable—passwords: 123456, 123456789, 12345678, password, qwerty123, qwerty1, 111111, 12345, secret, 123123, 1234567890, 1234567, 000000, qwerty, abc123, password1, iloveyou, 11111111, dragon, monkey… Yes, people are still using these.
There’s nothing surprising here: easy to type, easy to remember, and used for years, these passwords seem convenient. But that very convenience makes them dangerous. The simpler the combination, the more likely it is to be already known to attackers. Most such lists are compiled from logs gathered by malware that steals credentials from infected devices.
If your password appears in this list—change it immediately. Not later, not tomorrow, not “when you have time.” Right now.
Even better—abandon passwords altogether in favor of passkeys, such as biometric authentication or hardware keys, which are far more secure and user-friendly. And to spare yourself the headache of inventing complex combinations, use a password manager—it will help generate and securely store unique, truly resilient credentials.
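For anyone who runs a sign-up or password-change form, the list quoted above can be turned into a screening check. The sketch below is an added example, not code from Huntress or from this article. `LISTED` holds only the examples quoted here, not the full published list, and the function names are hypothetical. It goes beyond an exact lookup by also rejecting the same patterns the list shows: a listed word with digits tacked on, a repeated unit, and a keyboard or alphabet run.

```python
import unicodedata

# Only the examples quoted in the article, not the full published list.
LISTED = frozenset(
    "123456 123456789 12345678 password qwerty123 qwerty1 111111 12345 "
    "secret 123123 1234567890 1234567 000000 qwerty abc123 password1 "
    "iloveyou 11111111 dragon monkey".split()
)

# Keyboard rows plus the alphabet; an assumption covering US QWERTY only.
KEY_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
            "abcdefghijklmnopqrstuvwxyz")


def _is_walk(s):
    """True if s (4+ chars) runs along a row or the alphabet, either direction."""
    return len(s) >= 4 and any(s in row or s[::-1] in row for row in KEY_ROWS)


def _is_repeat(s):
    """True if s is one shorter unit repeated, e.g. 222222 or abcabc."""
    return any(
        len(s) % n == 0 and s[:n] * (len(s) // n) == s
        for n in range(1, len(s) // 2 + 1)
    )


def screen(candidate):
    """Return a rejection reason, or None if no check fires.

    Length and breach-corpus checks are out of scope for this sketch.
    """
    s = unicodedata.normalize("NFKC", candidate).casefold()
    if s in LISTED:
        return "listed"
    # "dragon2024!" is still "dragon" to a cracking rule set.
    core = s.rstrip("0123456789!@#$.")
    if core and core != s and core in LISTED:
        return "listed+suffix"
    if _is_repeat(s):
        return "repeated"
    if _is_walk(s):
        return "walk"
    return None
```

A `None` result only means none of these checks fired; it does not mean the password is strong.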