Passwords To Avoid: 2015's Worst Passwords Revealed
0Overall Score

SplashData has released the 2015 edition of its annual Worst Passwords List, with “123456” and “password” again taking out honours with the top two positions.The two passwords have been a fixture of the list since its inception in 2011, ranking annual favourites – “demonstrating how people’s choices for passwords remain consistently risky”.

SplashData’s fifth annual report, compiled from more than 2 million leaked passwords during the year, sees new and longer passwords making their debut, however, given their simplicity, their extra length is “virtually worthless as a security measure”.

These passwords include “1234567890”, “1qaz2wsx” (the first two columns of main keys on a standard keyboard), and “qwertyuiop” (the top row of keys on a standard keyboard), which  all appear in the top 25 list for the first time.

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” Morgan Slain, SplashData CEO, commented.

“As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.”

SplashData’s top 25 worst passwords of 2015 are:

1. 123456 (unchanged)
2. password (unchanged)
3. 12345678 (up 1)
4. qwerty (up 1)
5. 12345 (down 2)
6. 123456789 (unchanged)
7. football (up 3)
8. 1234 (down 1)
9. 1234567 (up 2)
10. baseball (down 2)
11. welcome (new)
12. 1234567890 (new)
13. abc123 (up 1)
14. 111111 (up 1)
15. 1qaz2wsx (new)
16. dragon (down 7)
17. master (up 2)
18. monkey (down 6)
19. letmein (down 6)
20. login (new)
21. princess (new)
22. qwertyuiop (new)
23. solo (new)
24. passw0rd (new)
25. starwars (new)