Earlier today, Splash Data (a California-based data management company), released its always-entertaining “Worst Passwords” list.
And to clarify, by “worst” they mean the ones that are most common, and most easily hacked. The vast majority of these passwords are in use by North American and Western European users.

More and more websites are upping their security requirements for passwords (with upper & lower case, numbers, special characters, etc.), but there are still many that allow users to use whatever they want, and it shows.
123456password, and 12345678 are three of the top four… again.

While most passwords on the list are simple & expected alpha-numeric sequences or words, there were some interesting additions, including starwarsprincess, and solo, showing up the same year as the release of the December blockbuster ‘Star Wars Episode VII’.
Check out the rest of the list below, and click here to see 2014’s Top 25.

If you happen to use passwords contained on this list, we strongly recommend changing them, and using a trusted password manager, if you think you’ll have trouble remembering the new ones. 
It’s also a great idea to change your passwords at least once a year, if not more often. I tend to keep mine for a few months at a time, and actually have a master list of websites I have accounts for, so I can just run through it in an afternoon and know I’m not forgetting any. Takes a little more time upfront, but sure beats the risk of someone else accessing my information!

Splash Data’s Worst Passwords of 2015

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. football
  8. 1234
  9. 1234567
  10. baseball
  11. welcome
  12. 1234567890
  13. abc123
  14. 111111
  15. 1qaz2wsx
  16. dragon
  17. master
  18. monkey
  19. letmein
  20. login
  21. princess
  22. qwertyuiop
  23. solo
  24. passw0rd
  25. starwars

We also advise against using birthdays; names of your spouse, children, or pets; sports; or other common words. And if possible, use different passwords for each of your accounts – one password to access all your information (emails, social media, forums, etc.) is less secure.