At the beginning of every year we get to see what the worst passwords were for the previous year. These also happen to be the most common passwords, and therefore the least secure. With the recent security hacks, I thought it would be good to bring this up again. How many of these password faux pas have you committed?
The 25 top (worst) passwords of 2014:
1. 123456 (Unchanged from 2013)
2. password (Unchanged)
3. 12345 (Up 17)
4. 12345678 (Down 1)
5. qwerty (Down 1)
6. 234567890 (Unchanged)
7. 1234 (Up 9)
8. baseball (New)
9. dragon (New)
10. football (New)
11. 1234567 (Down 4)
12. monkey (Up 5)
13. letmein (Up 1)
14. abc123 (Down 9)
15. 111111 (Down 8)
16. mustang (New)
17. access (New)
18. shadow (Unchanged)
19. master (New)
20. michael (New)
21. superman (New)
22. 696969 (New)
23. 123123 (Down 12)
24. batman (New)
25. trustno1 (Down 1)
I’m proud to say that none of my passwords make this list, although I do quite like the irony of using “trustno1”. Also, number 22, “696969”, just goes to show that we never really grow up.
So why do “123456” and “password” still rank so high despite the security risks? According to Mark Burnett, the security expert who helped compile the 2014 list, these may be the most common passwords, but the percentage of people using them has decreased. This means that for the most part, we are using better passwords.
However, the security boss at Dropbox, Patrick Heim, says that the biggest threat to security is the user and their passwords. Or as this article so eloquently put it, “The biggest threat to files is dumb users”.
How do you create a strong password?
- Create a master password and use a password manager
- Avoid these bad password habits
- Use a random password generator
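As an added illustration (not code from the original post), here is a small random password generator that also screens candidates against the 25 passwords listed above, including simple variants such as a capital letter or trailing digits. The function names, the 12-character minimum and the symbol set are assumptions made for this example.

```python
import math
import secrets
import string

# The 25 entries exactly as printed in the list above.
WORST_2014 = frozenset("""
123456 password 12345 12345678 qwerty 234567890 1234 baseball dragon
football 1234567 monkey letmein abc123 111111 mustang access shadow
master michael superman 696969 123123 batman trustno1
""".split())

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"
MIN_LENGTH = 12  # assumed minimum for this example


def is_listed(password: str) -> bool:
    """True if the password is a listed one, ignoring case, surrounding
    whitespace and any trailing digits or punctuation ("Password1!")."""
    candidate = password.strip().lower()
    stem = candidate.rstrip(string.digits + string.punctuation)
    return candidate in WORST_2014 or stem in WORST_2014


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a string drawn uniformly at random from the alphabet.
    The class requirement in generate_password trims this slightly."""
    return length * math.log2(alphabet_size)


def generate_password(length: int = 16) -> str:
    """Draw from the OS CSPRNG (secrets, not random) until the result
    contains every character class and is not a listed password."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(not c.isalnum() for c in pw)
                and not is_listed(pw)):
            return pw


if __name__ == "__main__":
    pw = generate_password()
    print(pw, f"(about {entropy_bits(len(pw)):.0f} bits)")
    for sample in ("TrustNo1", "Password1!", "Batman2014"):
        print(sample, "-> listed" if is_listed(sample) else "-> not listed")
```

A generated password like this is meant to be stored in a password manager, not memorized.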
Most people wait 2.5 years before changing their passwords. Don’t be most people.