It’s progress, kind of: people are using longer passwords for their online accounts. But bigger doesn’t necessarily mean better.
Internet security firm SplashData recently released its list of the worst passwords, updated for 2015. And the news—again—isn’t good. Some Internet users appear to have gotten the message that they need to use longer strings of characters to secure their accounts, but the lengthier passwords they’ve chosen are worthless. Says SplashData:
[T]he longer passwords are so simple as to make their extra length virtually worthless as a security measure. For example, “1234567890”, “1qaz2wsx” (first two columns of main keys on a standard keyboard), and “qwertyuiop” (top row of keys on a standard keyboard) all appear in the top 25 list for the first time, but they are each based on simple patterns that would be easily guessable by hackers.
Perennial champs “123456” and “password” continue to occupy the top two spots on the ranking, but another long-time favourite, “letmein” dropped six spots this year. New entrants include “welcome” and the cunning “passw0rd”—featuring a zero where the “O” should be. In a nod to the zeitgeist, “starwars” occupies the No. 25 slot.
Needless to say, all of these passwords are well-known to the miscreants looking to access email, social media, banking and other online platforms protected by username/password combinations, and you should never, ever use them. (Luckily, it’s easier than you might think to lock down your accounts with super-secure passwords.)
The Worst Passwords of 2015:
Using one of these? Resolve to change it, and soon.
|Rank||Password||Change from 2014|
|3||12345678||▲ 1 spots|
|4||qwerty||▲ 1 spots|
|5||12345||▼ 2 spots|
|7||football||▲ 3 spots|
|8||1234||▼ 1 spots|
|9||1234567||▲ 2 spots|
|10||baseball||▼ 2 spots|
|13||abc123||▲ 1 spots|
|14||111111||▲ 1 spots|
|16||dragon||▼ 7 spots|
|17||master||▲ 2 spots|
|18||monkey||▼ 6 spots|
|19||letmein||▼ 6 spots|
MORE IN OUR SPECIAL SERIES ON DATA SECURITY:
- Stop using anything on this list of 2015’s worst passwords
- A foolproof way to make your passwords more secure
- Reduce your risk of financial fraud by watching for these red flags
- Here’s why you should start encrypting your entire website
Check out our previous series:
More than a third of Canadians feel overwhelmed at work because they have no system. Here’s how to get on top of things