The Worst Passwords of 2015: '12345' Is Not a Good Way to Secure Your Data
Technology may be rapidly evolving toward the future, but the way most of us secure it sure isn't. For the fifth year in a row, cyber security firm SplashData has released a compilation of the past year's worst passwords, many of which also happen to be the year's most popular passwords. Go figure.
Some of the top winners for worst passwords of 2015 appeared on the list the previous year as well -- and likely have since the tech industry first started requiring passwords for access to things in general.
The security company (which, incidentally, offers secure password management services) gathered up a series of password dumps from the year, mostly from hacked sites, and sorted the data to tally up the most common user attempts at securing their accounts.
Well, "attempts" is a little generous. Here are the top 10 most common (and all equally terrible) passwords from SplashData:
1. "123456"
2. "password"
3. "12345678"
4. "qwerty"
5. "12345"
6. "123456789"
7. "football"
8. "1234"
9. "1234567"
10. "baseball"
Most of these passwords have stayed in the top 10 since last year. The fifth-place password has actually dropped two places since 2014.
Latin Post was unable to confirm whether a spike in awareness of a nearly 30-year old gag in the Mel Brooks movie "SpaceBalls" had anything to do with the change.
A few other gems from the 25 most popular, and worst, passwords from 2015: "111111" gained popularity, while the full row of numbers in order, "1234567890," placed in the top 25 for the first time ever.
Interestingly some other new, but still terrible, passwords in the top 25 seem to reflect the cultural zeitgeist of 2015 -- at least a little more than the passwords conjured using the oh-so-original, indecipherable and surely un-hackable method of "pressing down a series of keyboard keys, in order, from left to right."
Popping up in the 25 most popular (and still terrible) passwords for the first time: "princess," "solo," and "starwars."
It wouldn't take a Jedi mind trick to crack these, so if you're recognizing one of your account logins reading this, please go and change your password. Now. Or, even better, spring the few dollars that a password management tool like LastPass costs to secure all of your accounts across all devices.
All kidding aside, bad passwords mean bad security. It's no wonder this list consists of the most common instances in a pool of password dumps from hacked accounts. And bad security means you're hurting your own privacy, and increasing the chance of having your data -- i.e., valuable details about your life -- stolen. Or worse.
"We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers," said Morgan Slain, CEO of SplashData. "As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites."
Subscribe to Latin Post!
Sign up for our free newsletter for the Latest coverage!