Research conducted by Keeper, a password management app, has revealed that 17% of internet users still use the password “123456”.

The Keeper team went through 10 million passwords that became public as a result of data breaches in 2016 and found that the list of frequently used passwords hasn’t changed much over the years.

“That means that user education has limits,” said the firm. “While it’s important for users to be aware of risks, a sizeable minority are never going to take the time or effort to protect themselves. IT administrators and website operators must do the job for them.”

What Keeper is suggesting is that operators and admins take greater control over user access and ban simple and short passwords from being used.

Curiously “18atcskd2w” is the 15th most popular password. While this random string of characters seems innocuous Keeper suggests that this password is being used by the likes of spambots.

“Seemingly random passwords such as “18atcskd2w” and “3rjs1la7qe” on the list indicates that bots use these codes over and over when they set up dummy accounts on public email services for spam and phishing attacks. Email providers could do everyone a favor by flagging this kind of repetition and reporting the guilty parties,” said Keeper.

We’ve included a list of the top ten worst passwords below and we highly recommend changing your password to something more secure if your password of choice pops up.

Rank Password
1 123456
2 123456789
3 qwerty
4 12345678
5 111111
6 1234567890
7 1234567
8 password
9 123123
10 987654321

We’ve also compiled a handy guide that will give you some tips on how to make a more secure password and be a bit safer online this year.