Worst 20 WordPress passwords (that you are using)

No amount of security plugins, or a hi-tech hosting environment, or the best administrators in the world will help you if your password is 123456. “It’s not” – you say. You’re not stupid, right? Unfortunately, raw stats show a different story – people continuously use the worst passwords.

4 years of data paints a bleak picture

Security Ninja, our WordPress security plugin that performs 30+ tests to make sure your site is secure has a test that compares user passwords to a list of most frequently used passwords. Those are really bad passwords such as 12345, god, login or princess. You’d think that people don’t use them but they do, often! We’ve been collection anonymous statistical data from hacked sites that we’ve clean up during the last four years and the trend hasn’t changed much. People continuously use the same bad passwords.

TOP 20 worst passwords for last four years

  2015 2014 2013 2012
#1 123456 123456 123456 password
#2 password password password 123456
#3 12345678 12345 12345678 12345678
#4 qwerty 12345678 qwerty abc123
#5 12345 qwerty abc123 qwerty
#6 123456789 1234567890 123456789 monkey
#7 football 1234 111111 letmein
#8 1234 baseball 1234567 dragon
#9 1234567 dragon iloveyou 111111
#10 baseball football adobe123 baseball
#11 welcome 1234567 123123 iloveyou
#12 1234567890 monkey admin trustno1
#13 abc123 letmein 1234567890 1234567
#14 111111 abc123 letmein sunshine
#15 1qaz2wsx 111111 photoshop master
#16 dragon mustang 1234 123123
#17 master access monkey welcome
#18 monkey shadow shadow shadow
#19 letmein master sunshine ashley
#20 login michael 12345 football

Stop using bad passwords!

Yes, we know you won’t use a 20 characters long password with numbers and special characters (although you should). But there’s a huge gap between that and using 12345. Please, make up something that’s at least 8 characters long, is specific for you, but isn’t the name of your dog. Add some numbers and at least one special character in the middle of the word and you should be good. If you continue to use princess don’t complain that people are hacking into your site. They’re not. They’re simply logging in.

Start Blog Book


This guide is an introduction to mastering the art of blogging. It provides easy to follow steps to start, maintain, and grow your blog.

Read the guide

One thought on “Worst 20 WordPress passwords (that you are using)

Leave a Reply

Your email address will not be published. Required fields are marked *