How common are bad passwords?

# Password
1 password
2 123456
3 12345678
4 abc123
5 qwerty
6 monkey
7 letmein
8 dragon
9 111111
10 baseball
11 iloveyou
12 trustno1
13 1234567
14 sunshine
15 master
16 123123
17 welcome
18 shadow
19 ashley
20 football
21 jesus
22 michael
23 ninja
24 mustang
25 password1
Source: Splashdata

As I was looking for a hacker site that would offer a complete list of passwords, I found a page that showed the top 25 passwords used on common websites such as Facebook and Twitter, and even email systems like Yahoo! or GMail.

I wonder why some people think their account is safe with such passwords. I can see that with million of users you can easily get such stupid entries. What amazes me the most is the fact that big companies like Facebook and Twitter let you use such bad passwords. Anything which is a word (English or otherwise) should be forbidden unless you let the users enter a complete sentence, but even though, sentences are not that protective since the number of words in a language that are commonly used is quite limited (a few thousand.)

Now, I just have to laugh at a few of them. Look at these number passwords:


How good are those?! Hey: 12345678 is 8 character long, at least! And what about the "abc123" password? Marvelous too, hey!?

Of course, one of the funniest is "welcome" since all those users are greating the hacker to their account!

Ready to download password dictionaries?
Millions of passwords can be found here: