Even with all the news about hackers gaining access to retailers and a major movie studio, people are still slacking when it comes to coming up with passwords. The annual list of worst passwords is out and it still has “123456” at No. 1.
SplashData’s Worst Passwords of 2014 features “123456,” which was also No. 1 last year. It beat “password,” which is also at No. 2 for the second consecutive year. These two have either been No. 1 or No.2 every year since 2011, when SplashData started compiling the list.
The site’s study is based on 3.3 million passwords that were leaked during 2014.
Five of the 10 worst passwords are numbers. The words that made the list, aside from “password,” are “football,” “baseball,” “dragon” and “qwerty.”
The Top 25 list also includes “batman” at No. 24 and “superman” at No. 21. “Monkey” is also a terrible one, landing at No. 12.
SplashData did provide a few hits for creating new passwords and one of them is not using a favorite sport or team name. Avoiding common names and years is also a good idea. Swear words should also be avoided.
"The bad news from my research is that this year's most commonly used passwords are pretty consistent with prior years," Mark Burnett, an online security expert who worked with SplashData said. "The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2% of passwords exposed. While still frightening, that's the lowest percentage of people using the most common passwords I have seen in recent studies."
Here’s the Top 10 worst passwords, according to SplashData:
1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. 1234
8. baseball
9. dragon
10. football