Software group SplashData has released its yearly "worst passwords" list, featuring cringeworthy choices by users.
Every year since 2011, SplashData has published a list of the worst passwords that users commonly choose, many of which are repeated year after year. Topping the list in first and second place are "123456" and "password" respectively, which hold their positions from last year. New passwords that made the list this year include "welcome" and "login," along with some themed ones such as "princess," "solo," and "starwars." The usual members of the list have shuffled ranks year after year, and include the popular "12345," "football," "baseball," "letmein," and others. Security concerns over weak passwords have only increased over the past year, and SpashData's annual post highlights that our habits are not necessarily improving.
One change in the lineup from last year is that the passwords seem to be getting longer. Whether this is spurred by websites simply requiring passwords to have more characters, or whether users are beginning to elongate their passwords voluntarily to feel more secure, SplashData CEO, Morgan Slain, explained that this might not make a difference in security. "We have seen an effort by many people to be more secure by adding characters to passwords," noted Slain, "but if these longer passwords are based on simple patterns they will put you at just as much risk of having your identity stolen by hackers." These longer but ineffective passwords include "qwertyuiop" (extended from simply "qwerty"), "1234567890," or "1qaz2wsx."
Photo: © iStock.