Share Button

Just last month, we found out that hackers have breached Adobe’s network and stole source code for a variety of Adobe products as well as accessing and posting online Adobe customer account information, including customer IDs, email addresses, passwords, and encrypted credit card details amongst others. Unfortunate as it is, cyber attacks have just become more and more prevalent as time goes on. Large companies with popular products such as Adobe get a lot of attention from cyber hackers, but even smaller companies and startups have more pressure now than ever to keep their networks, systems and consumer data under watertight security measures.

If you haven’t taken steps already, now is a great time to get serious about protecting yourself online – every time another breach happens we’re reminded to change our passwords, but that simply isn’t enough if you don’t follow the basic guidelines of internet security:

  • Use complex passwords
  • Never use the same password for more than one service
  • Don’t state your password itself in the “hint”
  • Don’t give out your password to others

While quite simple in principle, these guidelines tend to be very difficult to follow since it’s difficult to memorize too many different combinations of password you may use. Even then, many people still don’t take the idea of being hacked or having their personal information stolen too seriously. Below we can see by the Adobe breach, courtesy of Jeremi Gosney and the security firm Stricture Consulting Group, what the top 100 passwords used by Adobe users are. This is a glimpse for everyone, hackers especially, to see how people select passwords on a large scale.

Top 100 Adobe Passwords

# Count Plaintext
1 1911938 123456
2 446162 123456789
3 345834 password
4 211659 adobe123
5 201580 12345678
6 130832 qwerty
7 124253 1234567
8 113884 111111
9 83411 photoshop
10 82694 123123
11 76910 1234567890
12 76186 0
13 70791 abc123
14 61453 1234
15 56744 adobe1
16 54651 macromedia
17 48850 azerty
18 47142 iloveyou
19 44281 aaaaaa
20 43670 654321
21 43497 12345
22 37407 666666
23 35325 sunshine
24 34963 123321
25 33452 letmein
26 32549 monkey
27 31554 asdfgh
28 28349 password1
29 28303 shadow
30 28132 princess
31 27853 dragon
32 27840 adobeadobe
33 27720 daniel
34 27699 computer
35 27415 michael
36 27387 121212
37 26502 charlie
38 25341 master
39 24499 superman
40 24372 qwertyuiop
41 23417 112233
42 23157 asdfasdf
43 22719 jessica
44 22672 1q2w3e4r
45 22204 welcome
46 22180 1qaz2wsx
47 22143 987654321
48 22103 fdsa
49 21795 753951
50 21449 chocolate
51 21383 fuckyou
52 21208 soccer
53 21100 tigger
54 20961 asdasd
55 20581 thomas
56 20578 asdfghjkl
57 20571 internet
58 20331 michelle
59 20268 football
60 20022 123qwe
61 19907 zxcvbnm
62 19825 dreamweaver
63 19818 7777777
64 19237 maggie
65 19129 qazwsx
66 19113 baseball
67 18969 jennifer
68 18879 jordan
69 18470 abcd1234
70 18177 trustno1
71 18108 buster
72 18049 555555
73 18008 liverpool
74 17986 abc
75 17933 whatever
76 17717 11111111
77 17706 102030
78 17581 123123123
79 17454 andrea
80 17442 pepper
81 17296 nicole
82 17174 killer
83 17077 abcdef
84 16963 hannah
85 16898 test
86 16616 alexander
87 16535 andrew
88 16526 222222
89 16468 joshua
90 16456 freedom
91 16374 samsung
92 16177 asdfghj
93 16091 purple
94 16073 ginger
95 15962 123654
96 15910 matrix
97 15803 secret
98 15788 summer
99 15752 1q2w3e
100 15637 snoopy1

We can learn a lot from this data dump, foremost that none of these passwords constitutes as “complex.” If you happen to use any of the above as a password for anything, that needs to be the first thing you change – follow the general guidelines above when coming up with new passwords. Secondly, never use the same password for anything else; the same way we can learn from others in this situation, so can hackers. Once they figure out your email address along with your password, no matter how complex, if you use it for other services such as shopping sites, email, or social media, they can use that password to try to break into your other accounts which can further wreak more havoc, especially retail sites that may have your credit card or bank information stored. If your password is discovered, you should not only change the password on the site in question but also anywhere else you may be using it.

Gosney mentioned via ZDNet that it only took a few hours to determine the top 100 passwords, and the Adobe database that was breached affected at least 130 million Adobe accounts. Use this link if you want to check to see if you may be a victim of the Adobe breach, and if so, how many people use the same password that you do.