With 2018 just around the corner, SplashData  (password management) is out with a fresh list highlighting some of the most commonly used — and thus least secure — passwords of 2017. Not surprisingly, the list is filled with a good number of the usual suspects, including “123456” and “Password,” two perennial classics.

The full list was tabulated after looking at more than 5 million passwords that surfaced over the past 12 months during various leaks. And while many of the passwords are familiar, there are some new entries worth noting, including “starwars” and “whatever.”

The top 10 worst passwords of 2017 are as follows:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou

Remember that for many social networks, the magic combination is User ID and Password. Guess what…many sites allow you to type your email as your User ID. If a hacker gets your email address, they already have HALF the magic combination and now just have to figure out your password. If its one of the above the likelihood is that your account will be hacked.