123456 has topped a list of the 25 worst log-ins compiled from files containing millions of stolen passwords posted online last year.
Those who used plain old "password" will be relieved to know that it has slipped from number one to number two in the list compiled by SplashData.
It started the chart after a security breach at software firm Adobe last year which saw a large number of personal details and passwords being posted online.
Third on the list was 12345678, fourth was "qwerty" and fifth "abc123".
Meanwhile, 123456789 and 111111, 1234567 and "iloveyou" were also among the top ten.
Morgan Slain, chief executive of SplashData, said: "Seeing passwords like 'adobe123' and 'photoshop' on the list offers a reminder not to base your password on the name of the website or application you are accessing."
The company said the list showed "many people continue to put themselves at risk by using weak, easily guessable passwords".
Mr Slain added: "Another interesting aspect of this year's list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies.
"For example, new to this year's list are simple and easily guessable passwords like 1234 at number 16, 12345 at number 20, and 000000 at number 25.
The company warned that even passwords with common substitutions like "dr4mat1c" can be vulnerable to cyber-attackers and advised people with any of the passwords on its list to change them now.