Security app company SplashData unveiled its annual list of the top 25 most common passwords that people use online.

Being the most common ones, these are the absolute worst possible choices for users thinking of a password for an online account.

This is SplashData's fourth version of the annual report, which the company compiled from over 3.3 million passwords that were leaked last year.

The passwords "123456" and "password" retain their position as the top two worst passwords. The password "123456" was also the worst one last year, with "password" also the second worst. For the first two years of the report, it was "password" at the top spot and "123456" at the second position.

The passwords "12345," "12346578" and "qwerty" round out the top five.

Continuing the trend that can be seen in previous reports, passwords that are made up entirely of numbers take up several spots. Out of the top 25 most common passwords last year, nine were pure numeric passwords.

SplashData said that the passwords included in the 2014 report were mostly from users living in North America and Western Europe. While there was a leakage of millions of passwords for accounts from Russia, the passwords were not included for the report's analysis.

The company's annual list of worst passwords shows that some users are still not learning from reports of massive online attacks, one of the most recent of which is the widespread hack attack carried out against Sony Pictures Entertainment. People continue to use weak passwords that can easily be cracked.

"Passwords based on simple patterns on your keyboard remain popular despite how weak they are," said SplashData CEO Morgan Slain.

"Any password using numbers alone should be avoided, especially sequences. As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure."

Examples of trends in passwords are the increasing use of "qwertyuiop," which is the top row of the keyboard, and "1qaz2wsx," which are the first two columns of the keyboard. These passwords are seeing increased uses because of the higher number of websites that require longer passwords from their users.

SplashData also issued recommendations on which passwords to avoid, which includes sports, sports teams, birthdays, years, and common names.

The 2014 version of the report is the first time that SplashData collaborated with online security expert Mark Burnett, who is also the author of the book Perfect Passwords.

Burnett revealed that the 25 worst passwords now only represent 2.2 percent of all the leaked passwords which, while still an alarming figure, is the lowest seen in recent studies.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion