SplashData studied more than 2 million passwords that were leaked in 2015, and identified the most commonly leaked passwords and those that were least secure from Western European and North American users according to Business Insider.
Most of the results are not surprising.
- 123456 is the most common password. It has been #1 since 2013.
- Password is the second most common password. It too has been #2 since 2013. Password was the most common password in 2012 an 2011.
- 12345678 is the third most common password found in the Splash data results. In fact 12345678 has been the most consistent performer, having been in the #3 place four of the past five years.
Here’s SplashData’s full list. If your password is on here, think about changing it.
25 Worst passwords
SplashData offers three simple tips to help people protect themselves:
- Use passwords or passphrases of twelve characters or more with mixed types of characters;
- Avoid using the same password over and over on different websites
- Use a password manager such as SplashID to organize and protect passwords, generate random passwords, and automatically log into websites.
What to do if you are responsible for securing systems where your users use these passwords? Stop Them !
This is what makes passwords suck – Implement complexity rules:
- Minimum of 8 characters
- Mix of characters, UPPER CASE, lower case, numbers and special characters.
- Prevent reusing passwords
- Black list all the above passwords so then can never be used again.