SplashData, a security app provider, has published its 2011 list for the “25 worst passwords of the year”.
They found that whilst many people are aware of the need for strong passwords, others are pretty lax about creating them.
The most commonly used ‘bad’ password was found to be the word password, with 123456 coming in at the number two spot.
And no, changing the O to a 0 in password doesn’t further protect the user; that one appears on the list too.
Common names are popular too, as are number sequences and keyboard sequences such as “qwerty”.
However, according to SplashData, there are also some minor mysteries, like the unusual popularity of “monkey” and “shadow”.
It was also found that, due to many sites now insisting upon passwords with numbers and letters, many people simply add 123 to their existing password, which many use on every site that they login to.
SplashData say that they publish the list in order to encourage the adoption of stronger passwords.
The top 25 are as follows:
The list “was compiled from files containing millions of stolen passwords posted online by hackers”. It’s therefore advisable that if your password appears on the list, you should change it.
“Hackers can easily break into many accounts just by repeatedly trying common passwords,” said Chris Slain, SpashData CEO.
“Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft,” he continued.
“What you don’t want is a password that is easily guessable. If you have a password that is short or common or a word in the dictionary, it’s like leaving your door open for identity thieves.”
He went on to explain that whilst thieves have “more sophisticated hacking tools at their disposal today”, they still prefer taking the easy option and choosing simple targets.
SplashData recommend that users choose passwords with 8 or more mixed characters and users should avoid using the same password for different sites. If many are needed, then a password manager may be advisable.
“It’s easy to start making your passwords better,” Slain said. “Start now; make it a resolution to keep it up and your whole life online will safer and more secure in 2012.”