When it comes to internet security, we must do our part. SplashData just recently released the list of what are the worst passwords of 2015 that are worryingly still in use. They mark a true persistence on the side of web users who, in spite of warnings, still remain consistent in their virtually useless picks.
Anyone still using ‘123456’?
As we head into 2016, there are truly very few excuses that can be used to mask mistakes when we make things extra easier for hackers. The warnings are there, and websites commonly make demands for stronger passwords. In fact, some will deny the simplest attempts, so that the dreaded ‘123456’ will never be used again. And yet, it persevered.
For the fifth time in a row, SplashData published the “Worst Password List” of the previous year, showing a remarkable stubbornness of users and perhaps a dash of attempt at creativity. Unfortunately, the attempt fails because of familiar and easy-to-guess patterns.
The report was compiled from over 2 million leaked passwords in 2015, with the intention of bringing awareness for the need of stronger cyber protection. On the list there are many of the classics, along with some fresh ones that are equally bad in spite of their newfound popularity. Simply changing the row or column of keys to press on a keyboard will not result in a safer password, although it may look like it.
For example, “1qaz2wsx” may appear to be a random string of letters at first glance. However, they are the first two rows going down on the keyboard. It’s the same unsafe pattern as “1234567890” or “qwertyuiop”, only in a different direction. Unfortunately, they remain common and are easy to guess by hackers. CEO of SplashData, Morgan Slain, stated that there have been attempts by people to make longer passwords in thinking they will be more secure. However, that is simply not the case.
If these longer strings of words and numbers are in a simple pattern, they will not provide more security.
Sports and pop culture have recently entered the list of the worst passwords of last year. “Football” has climbed its way up the ranks, while “baseball” fell a few spots, but it’s still there. And, if anyone had any doubts about the series’ popularity, ‘Star Wars’ themed passwords have also recently entered the list. With words such as “solo”, “starwars”, or “princess”, they have been a common entry, albeit a bad one.
The top 25 worst passwords
- welcome (new entry)
- 1234567890 (new entry)
- 1qaz2wsx (new entry)
- login (new entry)
- princess (new entry)
- qwertyuiop (new entry)
- solo (new entry)
- passw0rd (new entry)
- starwars (new entry)
According to SplashData, there are some simple guidelines to avoid seeing your password on this list. For one, simple patters must be avoided, along with popular past times and familiar commands such as “login”. The most secure passwords would have up to 12 characters with a mixture of letters, numbers, and symbols. Using the same password over and over again should also be avoided in order to not have all your accounts vulnerable at the same time should something happen.
Some would say that a true hacker can break any password, but perhaps it’s better if we don’t make things extra easy for them.
Image source: post-gazette.com