The Basics Travel Tech

If One of These 20 Passwords is Yours, Change it Now!

Written by Charlie

If you have one of these 20 passwords, you need to change it now! Make sure your airline, hotel, bank, and other accounts are protected!

Over the past few years, we have seen airlines suffer data breaches again and again. Sometimes, these breaches of airlines and hotels have even allowed customers’ passport numbers to be found out. Online security is certainly important for all but if you are using one of these 20 passwords, you are definitely not secure!

If You Have One of These Passwords, Change it Now!

I used to work for a Defense Department contractor and we had security protocols that had us change our various system passwords often – and they had to be pretty difficult ones as well! But, this can get difficult to keep track of and even in a security conscience environment like that, it was common to see people write their passwords on a post-it note and stick it to their monitor. 🙂

It’s even worse with consumers! We tend to pick easy-to-remember passwords and use the same ones across all of our accounts. The problem is that these are incredibly easy to break and, even worse, through all the various hacks and breaches, many passwords have found their way to the dark web. Once there, hackers and other bad actors are able to get this information and then use it to access your accounts and steal miles/points and worse.

According to CNBCthe security firm Lookout published a list of 20 passwords that they found to be the most commonly leaked ones available on the dark web. Check this list and if you use any of them, stop it now and change it to something more secure!

  1. 123456
  2. 123456789
  3. Qwerty
  4. Password
  5. 12345
  6. 12345678
  7. 111111
  8. 1234567
  9. 123123
  10. Qwerty123
  11. 1q2w3e
  12. 1234567890
  14. 0
  15. Abc123
  16. 654321
  17. 123321
  18. Qwertyuiop
  19. Iloveyou
  20. 666666

I find some of the most hilarious ones are where people think they are being extra smart and safe – by doing something like the 1q2w3e (look at your keyboard to see how they got to that one and think about how easy it is, even though it is number/letter combos!). Another funny one to me is the 654321 – as if doing it in reverse will keep hackers out!

Best Practices for Passwords

Here are some tips to create a strong password. These are recommendations from numerous security professionals.

  • Use a mix of characters – this includes letters (lower-case and upper-case), numbers, and symbols
  • Make a long one – at least 15 characters is the suggested amount
  • Avoid common keyboard combinations – this would be something like doing “qwerty” or anything else where you are basically running your fingers across the keyboard
  • Avoid common identification markers – this would mean not using any combination of your name or otherwise identifiable information (like birthdate, social security numbers, address, phone number, etc)

There are browsers (like Safari for Mac/Apple) that will suggest very strong passwords when you are setting up your account on various sites – and then offer to store it for you. This storage is good because it is only accessible from within your account – so make sure that password is very secure!

Another thing to do is to use two-factor-authentication. This uses things like notification sent to a confirmed phone number/e-mail address with a code that must be entered in a timely fashion after entering your account information. Another method is using an authenticator that has a rotating 6 digit code that must be entered before it changes.

For any of your online accounts, not just hotels and airlines and banks, you need to make sure you are well protected! The airlines and hotels have not done that great of a job (for crying out loud, IHG used to only allow a 4 digit pin!) but we can do better at making sure we have protected our accounts. Start by changing your password if it is one of the above. 🙂

Some of the links on Running with Miles are affiliate links that pay a commission if a purchase is made. Running with Miles is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

About the author


Charlie has been an avid traveler and runner for many years. He has run in marathons around the world for less than it would cost to travel to the next town - all as a result of collecting and using miles and points. Over the years, he has flown hundreds of thousands of miles and collected millions of miles and points.
Now he uses this experience and knowledge to help others through Running with Miles.

1 Comment

  • I wonder how safe is “123qwe123qwe123qwe”? Some say it is easy to break. Others say it is hard due to the length of 18 characters.