‘Worst passwords’ list 2015 topped by 123456

News
By Aaron Lee
published

Annual list of most commonly used passwords included Star Wars-related terms

Password label

The most commonly used password of 2015 was '123456', according to an annual list from security firm SplashData.

The company has been compiling a list of the world's most common passwords, and by extension the "worst passwords", for five years, reminding people that a poor password leaves them more exposed hacking or having their personal details accessed.

SplashData's report was compiled from more than two million leaked passwords during 2015. '123456' and 'password' have held onto the top two positions since the first list in 2011.

Other passwords in the top 10 include 'qwerty', 'football' and 'baseball'.

Last year, however, the top 25 most common passwords also included 'starwars', as well as terms that could well be related to the popular sci-fi series, which was a talking point throughout 2015.

New terms in the 2015 list that bear relation to Star Wars included: 'princess' (as in Princess Leia) and 'solo' (as in Han Solo). Not to mention the returning term 'master' (as in Jedi master).

Other passwords on the 2015 list that did not appear on the 2014 list included 'welcome', 'login' and 'passw0rd'. The Force was not strong with these passwords, SplashData quipped.

Having a strong password is not a guarantee of security. 2015 witnessed major hacks against TalkTalk, and previously unknown sites like Ashley Madison. But it's not just online account information at risk. A poor password on a Wi-Fi router or your tablet computer could expose you to data theft locally.

In the five years that SplashData has been compiling its list, many of the passwords in the top 25 -- often basic numerical strings '1234567890' -- have remained that same.

In order to better protect themselves, the company recommends that people use passwords or passphrases of 12 characters or more with mixed types of characters; avoid using the same password over and over again on different websites; and use a password manager to organise, protect and generate random passwords.

Reflecting on this year's list, SplashData CEO, Morgan Slain, said: "We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers."

The full list of 2015's 25 most commonly used passwords is below:

  • password
  • 12345678
  • qwerty
  • 12345
  • 123456789
  • football
  • 1234
  • 1234567
  • baseball
  • welcome
  • 1234567890
  • abc123
  • 111111
  • 1qaz2wsx
  • dragon
  • master
  • monkey
  • letmein
  • login
  • princess
  • qwertyuiop
  • solo
  • passw0rd
  • starwars
Aaron Lee