Earlier today, Splash Data (a California-based data management company), released its always-entertaining “Worst Passwords” list.
And to clarify, by “worst” they mean the ones that are most common, and most easily hacked. The vast majority of these passwords are in use by North American and Western European users.
More and more websites are upping their security requirements for passwords (with upper & lower case, numbers, special characters, etc.), but there are still many that allow users to use whatever they want, and it shows.
123456, password, and 12345678 are three of the top four… again.
While most passwords on the list are simple & expected alpha-numeric sequences or words, there were some interesting additions, including starwars, princess, and solo, showing up the same year as the release of the December blockbuster ‘Star Wars Episode VII’.
Check out the rest of the list below, and click here to see 2014’s Top 25.
If you happen to use passwords contained on this list, we strongly recommend changing them, and using a trusted password manager, if you think you’ll have trouble remembering the new ones.
It’s also a great idea to change your passwords at least once a year, if not more often. I tend to keep mine for a few months at a time, and actually have a master list of websites I have accounts for, so I can just run through it in an afternoon and know I’m not forgetting any. Takes a little more time upfront, but sure beats the risk of someone else accessing my information!
Splash Data’s Worst Passwords of 2015
- 123456
- password
- 12345678
- qwerty
- 12345
- 123456789
- football
- 1234
- 1234567
- baseball
- welcome
- 1234567890
- abc123
- 111111
- 1qaz2wsx
- dragon
- master
- monkey
- letmein
- login
- princess
- qwertyuiop
- solo
- passw0rd
- starwars
We also advise against using birthdays; names of your spouse, children, or pets; sports; or other common words. And if possible, use different passwords for each of your accounts – one password to access all your information (emails, social media, forums, etc.) is less secure.