February 9, 2016
You’d think people would have learned by now. Despite the fact that security breaches and online identity theft have become alarmingly common in the news, many people don’t seem to be taking their own security on the internet all that seriously. An annual report released by SplashData shows what the worst passwords were for 2015, and judging from previous lists, it appears many people simply haven’t gotten the message. Simple, easily crackable passwords have become all too common, and they represent significant security risks, something all the more disturbing considering how much personal information most people now have online. Everything from emails to bank account numbers could be accessed by hackers, and based on the passwords people use, those hackers wouldn’t have to work too hard for them.
You can look at the list of 2015’s worst passwords, but you can probably already guess what they would be. In no surprise, the top password is “123456”, which hung onto the top slot from the previous year. In at number two is “password”. Yes, people are still using a simple sequence of numbers and the word “password” as a password. That doesn’t mean people don’t try to change things up a bit. For example, instead of using the first six numbers in order, some people add on a few more. “12345678” comes in at number three on SlashData’s list, with “123456789”, “1234567”, and “1234567890” all making the top 12. This might be because people have heard that longer passwords are more secure, but it’s most likely simply a result of certain sites requiring a longer minimum of characters for a password to be accepted.
If anything, the list of the most common passwords represents either laziness on the part of internet users or an unwillingness to bother with so many different passwords. People often have to enter in passwords for all sorts of profiles, accounts, and devices, so to them, it’s probably easiest just to keep things as simple as possible. For obvious reasons, this kind of philosophy can be disastrous, especially when it comes to the most sensitive information users have access to, whether that be clean or dirty data. Perhaps it’s also a result of lack of awareness in terms of how important passwords actually are. If that is indeed the case, more effort must be put into educating people on the role passwords play.
SplashData’s report also contains many interesting findings that seem to reflect pop culture. New to the top 25 list are words related to the release of the latest Star Wars movie: “princess”, “solo”, and even “starwars”. Considering the mainstream attention a major movie like Star Wars has garnered, it probably shouldn’t be a surprise that people would go with the phenomenon for picking a password. Also worth noting is the password “dragon” fell seven spots from the previous year. While this is only speculation, “dragon” might have reached its peak popularity due to the Game of Thrones show and has simply diminished a bit in the face of another pop culture juggernaut.
The list may make you feel depressed as to why people don’t want to choose better passwords to protect their data, but there is some encouraging news hidden within the results. One security expert indicates that the top 25 worst passwords make up 2.2 percent of all exposed passwords used. While that’s still a lot, that’s a significant drop from 4 percent found in recent surveys. The process may be slow, but people may be responding to the increasing security threats out there by strengthening their passwords. It will still take time, though, before the most obvious passwords are no longer used.
The basic practices of making passwords better still apply. You should use at least eight different characters, preferably more. Use capital and lower-case letters, along with numbers and symbols. Don’t use the same password for multiple accounts. Password managers can help you if you have trouble remembering all of your different passwords. Yes, these strategies require extra effort and work, but the result is a more secure internet for you and all your private data. Until the world moves beyond passwords completely (biometric scanners anyone?), a few simple steps will help people avoid using passwords that are easiest to break.
Did you like this article?
Get more delivered to your inbox just like it!