Pro tip: choosing "password" as your online password is not a good idea. In fact, unless you're hoping to be an easy target for hackers, it's the worst password you can possibly choose.
"Password" ranks first on password management application provider SplashData's annual list of worst internet passwords, which are ordered by how common they are. ("Passw0rd," with a numeral zero, isn't much smarter, ranking 18th on the list.)
[More from Mashable: HOW TO: Protect Your Company’s Passwords]
The list is somewhat predictable: Sequences of adjacent numbers or letters on the keyboard, such as "qwerty" and "123456," and popular names, such as "ashley" and "michael," all are common choices. Other common choices, such as "monkey" and "shadow," are harder to explain.
[More from Mashable: Web Security: Why You Should Always Use HTTPS]
As some websites have begun to require passwords to include both numbers and letters, it makes sense varied choices, such as "abc123" and "trustno1," are popular choices.
SplashData created the rankings based on millions of stolen passwords posted online by hackers. Here is the complete list:
- 1. password
- 2. 123456
- 3.12345678
- 4. qwerty
- 5. abc123
- 6. monkey
- 7. 1234567
- 8. letmein
- 9. trustno1
- 10. dragon
- 11. baseball
- 12. 111111
- 13. iloveyou
- 14. master
- 15. sunshine
- 16. ashley
- 17. bailey
- 18. passw0rd
- 19. shadow
- 20. 123123
- 21. 654321
- 22. superman
- 23. qazwsx
- 24. michael
- 25. football
SplashData CEO Morgan Slain urges businesses and consumers using any password on the list to change them immediately.
"Hackers can easily break into many accounts just by repeatedly trying common passwords," Slain says. "Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft."
The company provided some tips for choosing secure passwords in a statement:
- 1. Vary different types of characters in your passwords; include numbers, letters and special characters when possible.
- 2. Choose passwords of eight characters or more. Separate short words with spaces or underscores.
- 3. Don't use the same password and username combination for multiple websites. Use an online password manager to keep track of your different accounts.
Are these lists helpful? Do you need to rethink any of your password choices? Let us know in the comments.
Image courtesy of iStockphoto, peepo
This story originally published on Mashable here.
129 comments