Checklist 450: Weak Passwords and Deepfake Celebrities 2025

Most People Still Use Terrible Passwords, New Research Shows

As the holiday season ramps up, new research shows that many users are entering the new year with shockingly weak passwords. Data compiled by security firm Comparitech, which analyzed more than 2 billion real account passwords leaked in 2025, reveals that simplistic combinations continue to dominate. The five most-used passwords of 2025 were:

1. 123456
2. 12345678
3. 123456789
4. admin
5. 1234

The infamous “password” ranked eighth.

Comparitech’s analysis highlights widespread reliance on predictable patterns:

• ~250 of the top 1,000 passwords were numbers only
• Nearly 40% included “123”
• 3.1% included “abc”
• Many consisted of a single character repeated, such as “111111” or “********”

Common words weren’t much better. Variations of pass/password, admin, qwerty, and even “welcome” made frequent appearances.

The report also noted that over 65% of passwords studied were shorter than 12 characters, despite expert recommendations. With modern cracking tools, short and predictable passwords are “easily guessed” or brute-forced, according to Comparitech.

The findings echo last year’s report from NordPass, covered by CNET, which similarly found “123456” at the top of users’ choices. CNET advised creating long, unique passwords and never reusing them—practices both firms say are key to defending against credential stuffing attacks, in which attackers use previously leaked logins to break into additional accounts.

Password managers remain a strong defense, generating and storing complex passwords so users don’t have to memorize them. For those in the Apple ecosystem, the built-in Passwords app in iOS 18, iPadOS 18, and macOS Sequoia offers breach alerts, password audits, and secure storage at no extra cost.

Experts across reports agree: use long, random, unique passwords—and enable two-factor authentication whenever possible.

Scammers’ Favorite Faces: McAfee Reveals 2025’s Most Deepfaked Celebrities

Awards season may still be months away, but McAfee has already spotlighted this year’s most “popular” stars—at least among scammers. In its annual report, “The Stars Scammers Love Most,” the security firm ranks the celebrities and influencers whose likenesses are being most frequently hijacked for AI-powered fake endorsements.

McAfee says the scam model is simple: use a trusted face to sell something that doesn’t exist. And it’s wildly effective. In a global survey of 8,600 people, the company found:

• 72% of Americans have encountered fake celebrity or influencer endorsements
• 39% clicked on at least one
• 1 in 10 lost money or personal data — averaging $525 per victim

Fraudsters are using AI-generated versions of stars like Taylor Swift and Tom Cruise to promote fake giveaways, bogus crypto schemes, skincare products, and malware-laced “exclusive” deals. Many of these deepfaked promotions spread across Meta platforms such as Instagram and Facebook — the same issue highlighted in last week’s warnings about shopping through social media ads.

McAfee’s Tips for Avoiding Deepfake Scams

The firm urges users to stay vigilant:

• Pause before clicking on offers that seem out of character or too good to be true
• Verify posts at the source — on the celebrity’s real, verified accounts
• Look for signs of AI manipulation (unnatural lighting, robotic tone, off-sync lips)
• Never share personal or payment information through messages

Even as deepfakes improve, skepticism remains the best defense.

The 2025 “Most Dangerous” Celebrities — U.S.

(“Dangerous” refers to scammers exploiting their likenesses — not the celebrities themselves.)

1. Taylor Swift
2. Scarlett Johansson
3. Jenna Ortega
4. Sydney Sweeney
5. Tom Cruise
6. Alexandria Ocasio-Cortez
7. Sabrina Carpenter
8. LeBron James
9. Kim Kardashian
10. Zendaya

Global Top 10

1. Taylor Swift
2. Scarlett Johansson
3. Jenna Ortega
4. Sydney Sweeney
5. Sabrina Carpenter
6. Tom Cruise
7. Brad Pitt
8. Billie Eilish
9. Emma Watson
10. Kendrick Lamar
    

Global Top 10 Influencers

1. Pokimane
2. MrBeast
3. Karina
4. qtcinderella
5. Brooke Monk
6. helydia
7. lena situation
   
8. Madison Beer
9. Cally Jane
10. Vicky Pattinson

How This Compares to 2024

Last year’s combined list (celebrities + influencers) featured Scarlett Johansson, Kylie Jenner, Taylor Swift, Anya Taylor-Joy, Tom Hanks, Sabrina Carpenter, Sydney Sweeney, Blake Lively, Johnny Depp, and Addison Rae. The shift highlights how quickly scammers adapt to changing cultural popularity — and how actors and influencers alike become victims alongside consumers.

With families gathering soon, McAfee urges people to talk to loved ones about deepfake dangers — and not just older relatives. As the report warns: “The next viral ‘giveaway’ might not be an ad at all…it could be bait.”