Believe it or not, but following the PRISM scandal, increased cyber-security threats and a growing awareness of just how easy it is to hack a computer or phone, passwords in 2015 actually got worse than in years past. New research from password management software developer, SplashData, shows that while passwords have gotten longer, they haven’t gotten better.
So what constitutes one of the worst passwords of 2015? Well, perennial favorites “qwerty” and “12345” made the list, as did “1234” and “123456” (which actually took the number one spot). The second position was taken by, you guessed it, “password”.
You may scoff at the idiocy of these ultra-weak passwords, but at least some people were paying attention to the need for longer passwords for added security. This is why the list also included “1234567890” and “qwertyuiop” – the entire top row on a QWERTY keyboard. They get an A for effort, but not for security.
In fact, every number string from “1234” to “1234567890” was in the 12 most popular passwords. So where did this data come from? From over two million leaked passwords shared online by hackers. But it wasn’t all number strings and QWERTY key layout passwords. Some other high-ranking passwords included sports like “football” and “baseball”, which both made the top ten, and animals including “monkey” and “dragon”.
With all the Star Wars hype going on last year, some people were motivated enough to strengthen their passwords by using such unimaginably strong passwords as “starwars” and “solo”. Something tells me the force wasn’t guiding those decisions. Of all the obvious passwords on the list, a couple stand out for at least trying to be good, alpha-numeric passwords: “1qaz2wsx” and “passw0rd” come to mind.
Are you using any of these terrible passwords? If you are, then stop. You’re not fooling anyone. In fact, you should never use number strings – especially not in ascending order – or standard English words. Alpha-numeric passwords with a mix of upper and lower-case letters and symbols are best. Names of pets, birthdays, children’s or partner’s names are all a non-no.
If the prospect of making uncrackable passwords seems too daunting, then why not try a third-party password manger? We’ve recently posted about Enpass and LastPass, plus there’s Dashlane and 1Password to consider. These apps let you create one master password to protect all your other passwords, which you can make as complex as you need because you don’t need to remember them. Just don’t make your master password “starwars” OK?
For the curious, here are the top 25 worst passwords of 2015, according to SplashData: