Published on: 1/20/2016

The 25 Worst Passwords of 2015

User Image Web Editor Last updated on: 1/20/2016, Permalink

SplashData has announced the 2015 edition of its 'Worst Passwords List' highlighting the most insecure passwords of the year.

'123456' and 'password' are still the most commonly used passwords. They have been since the list first debuted in 2011. SplashData compiled its list from more than two million leaked passwords during the year. 

Some new longer passwords made their debut this year but they are so simple that their extra length is virtually worthless as a security measure. For example, “1234567890”, “1qaz2wsx” (first two columns of main keys on a standard keyboard), and “qwertyuiop” (top row of keys on a standard keyboard) all appear in the top 25 list for the first time, but they are each based on simple patterns that would be easily guessable by hackers.

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” said Morgan Slain, CEO of SplashData. “As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.”

Here's the full list. If one of your passwords is on it, we recommend you change it as soon as possible...

SplashData’s “Worst Passwords of 2015”:
1 – 123456 (unchanged from 2014)
2 – password (unchanged)
3 – 12345678 (Up 1)
4 – qwerty (Up 1)
5 – 12345 (Down 2)
6 – 123456789 (Unchanged)
7 – football (Up 3)
8 – 1234 (Down 1)
9 – 1234567 (Up 2)
10 – baseball (Down 2)
11 – welcome (New)
12 – 1234567890 (New)
13 – abc123 (Up 1)
14 – 111111 (Up 1)
15 – 1qaz2wsx (New)
16 – dragon (Down 7)
17 – master (Up 2)
18 – monkey (Down 6)
19 – letmein (Down 6)
20 – login (New)
21 – princess (New)
22 – qwertyuiop (New)
23 – solo (New)
24 – passw0rd (New)
25 – starwars (New)

Three simple tips for better passwords:
● Use passwords or passphrases of twelve characters or more with mixed types of characters
● Avoid using the same password over and over again on different websites
● Use a password manager such as SplashID to organize and protect passwords, generate random passwords, and automatically log into websites

1/20/2016 | 5508 | Permalink