If your password is on this list, you’re asking to be hacked

Chris Davies - Jan 19, 2016, 3:46pm CST
If your password is on this list, you’re asking to be hacked

You’d think, with the number of times cloud services are hacked and online retailers’ data stolen, that we’d be more proactive with passwords. You’d be wrong. Once again, the research suggests that when it comes to being safe online, the credentials we pick are more about pop-culture and convenience than keeping other people out of our accounts.

SplashData did its yearly round-up of the most common passwords, and came up with some unsurprising – but no less disappointing for that – results.

Top of the chart is “123456” – which has held its position since 2014 – and “password” itself comes in second place. Popular sports are also high in the rankings – “football” in seventh place, and “baseball” in tenth – though some perennial favorites have fallen down the rankings.

For instance, “dragon” is down seven spots to 16th place, and the plaintive “letmein” is down six, to 19th place.

Perhaps in the hope that the Force will be with them – even if data security isn’t – enough people picked “starwars” to make it a new entry at 25.

The general advice when picking a secure login is to opt for a non-dictionary word, and a mixture of upper and lowercase letters, some numbers, and at least one special character. Interestingly, it seems a little of that advice might be rubbing off, with “passw0rd” – the “o” swapped for a zero – has made a new appearance in 24th place.

NOW READ: SlashGear 101: Picking a great password

It’s hardly a big win for safety, mind, and it’d be interesting to know what percentage of people are using two-factor authentication – where you require a secondary, usually time-sensitive code provided from an app, or sent to your phone as a message – to further protect their accounts.

Two-factor authentication is available on popular services like Gmail, but not enabled by default.

In short, if your password of choice is on the following top-25 list for 2015, it’s time to rethink your attitude to security:

1 – 123456 (unchanged from 2014)
2 – password (unchanged)
3 – 12345678 (Up 1)
4 – qwerty (Up 1)
5 – 12345 (Down 2)
6 – 123456789 (Unchanged)
7 – football (Up 3)
8 – 1234 (Down 1)
9 – 1234567 (Up 2)
10 – baseball (Down 2)
11 – welcome (New)
12 – 1234567890 (New)
13 – abc123 (Up 1)
14 – 111111 (Up 1)
15 – 1qaz2wsx (New)
16 – dragon (Down 7)
17 – master (Up 2)
18 – monkey (Down 6)
19 – letmein (Down 6)
20 – login (New)
21 – princess (New)
22 – qwertyuiop (New)
23 – solo (New)
24 – passw0rd (New)
25 – starwars (New)

SOURCE SplashData

Must Read Bits & Bytes