When it comes to making up passwords, we’re not doing so great as a society.
Password management firm SplashData released its annual “Worst Passwords List,” revealing that humans have remained rather indifferent to choosing unique, secure passwords since the company’s first report in 2011. SplashData analyzed more than 2 million leaked passwords in 2015 and found several trends in the most common ones.
“Password” and “123456” still claim the top two spots on the list, where they’ve remained for the past five years (we can’t say we’re too surprised). Simple numerical passwords remain an easy go-to; six of the top 10 passwords are comprised of only numbers.
You’ll also find that references to sports and pop culture are fairly common. “Football” and “baseball” are both in the top 10 list, and in line with the release of The Force Awakens, “starwars,” “solo” and “princess” are all new entries on this year’s list.
Several others that weren’t on the 2014 list include “welcome,” “login” and “passw0rd.” Changing that “o” in password to a zero might seem original, but a lot of people had the same idea.
If you see your password on this list, make your 2016 resolution to do better. In parentheses, we’ve noted how that password fared on last year’s list.
- 123456 (unchanged from 2014)
- password (unchanged)
- 12345678 (up 1 spot from 2014)
- qwerty (up 1)
- 12345 (down 2)
- 123456789 (unchanged)
- football (up 3)
- 1234 (down 1)
- 1234567 (up 2)
- baseball (down 2)
- welcome (not on 2014’s list)
- 1234567890 (not on 2014’s list)
- abc123 (up 1)
- 111111 (up 1)
- 1qaz2wsx (not on 2014’s list)
- dragon (down 7)
- master (up 2)
- monkey (down 6)
- letmein (down 6)
- login (not on 2014’s list)
- princess (not on 2014’s list)
- qwertyuiop (not on 2014’s list)
- solo (not on 2014’s list)
- passw0rd (not on 2014’s list)
- starwars (not on 2014’s list)
Bonus: For the password challenged, SplashData also offers three tips to help.
- Use passwords with 12 characters or more with mixed types of characters.
- Avoid using the same password over and over again on different websites.
- Use a password manager, like SplashID or LastPass, to organize and protect passwords, generate random passwords and automatically log into websites.
Have something to add to this story? Share it in the comments.