Another year goes by, and according to a recent security survey the most commonly hacked password is still: "password."
Internet security firm SplashData trolled through millions of stolen passwords posted in online hacker forums, according to CEO Morgan Slain, and compiled a list of the 25 most-stolen ciphers.
Among the easily cracked codes were some of the most common names for boys and girls (Michael and Ashley), sequential series of numbers (123123) and even strings based on keys closely grouped on your Qwerty keyboard (this one takes the prize: qazwsx).
"Hackers," Mr. Slain said in a release, "can easily break into many accounts just by repeatedly trying common passwords. Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft."
"If you have a password that is short or common or a word in the dictionary, it's like leaving your door open," Mr. Slain said.
The top 25 stolen passwords:
- password
- 123456
- 12345678
- qwerty
- abc123
- monkey
- 1234567
- letmein
- trustno1
- dragon
- baseball
- 111111
- iloveyou
- master
- sunshine
- ashley
- bailey
- passw0rd
- shadow
- 123123
- 654321
- superman
- qazwsx
- michael
- football
SplashData provides software to help you manage multiple passwords and accounts, but even if you don't want to go that route here are their tips for password strengthening:
"Use passwords of eight characters or more with mixed types of characters. One way to create longer, more secure passwords that are easy to remember is to use short words with spaces or other characters separating them. For example, 'eat cake at 8!' or 'car_park_city?' "
"Avoid using the same username/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online email, social networking, and financial services. Use different passwords for each new website or service you sign up for."
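A signup-time password screen built from the patterns described above (the listed passwords, repeated strings, sequential and keyboard-adjacent runs) and the eight-character tip. This is an added example, not code from the article or from SplashData; the function name `screen`, the substitution table, the stripped suffix characters and the thresholds are assumptions.

```python
import re

# The 25 passwords listed in the article above.
COMMON = frozenset("""password 123456 12345678 qwerty abc123 monkey 1234567
letmein trustno1 dragon baseball 111111 iloveyou master sunshine ashley bailey
passw0rd shadow 123123 654321 superman qazwsx michael football""".split())

# Assumption: a small table of common digit/symbol-for-letter substitutions.
LEET = str.maketrans("01345@$", "oleasas")

# QWERTY rows, the same keys read column by column (covers "qazwsx"),
# and the alphabet, so runs that are not on the list are caught too.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
COLUMNS = "".join("".join(r[i] for r in ROWS[1:] if i < len(r)) for i in range(10))
WALKS = ROWS + [COLUMNS, "abcdefghijklmnopqrstuvwxyz"]


def screen(password, min_length=8):
    """Return the reasons to reject a password (empty list means accept)."""
    pw = password.lower()
    reasons = []
    if len(password) < min_length:
        reasons.append("too short")
    # Also test the word with trailing digits/punctuation removed ("monkey1!")
    # and with substitutions undone ("p@ssword" -> "password").
    core = pw.rstrip("0123456789!?.@#$%*")
    if {pw, pw.translate(LEET), core, core.translate(LEET)} & COMMON:
        reasons.append("common password")
    # A short unit repeated end to end: "111111", "123123", "12341234".
    if re.fullmatch(r"(.{1,4})\1+", pw):
        reasons.append("repeated pattern")
    # A run along a keyboard row, column or sequence, forwards or backwards.
    if len(pw) >= 4 and any(pw in w or pw in w[::-1] for w in WALKS):
        reasons.append("keyboard or sequence walk")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs, including the two passphrases from the tips.
    for sample in ["passw0rd", "P@ssword1", "qazwsx", "edcrfvtgb",
                   "87654321", "eat cake at 8!", "car_park_city?"]:
        print(f"{sample!r}: {screen(sample) or 'accepted'}")
```

A screen like this only rejects the weakest choices; it does not measure strength, and it does nothing about the reuse across sites that the second tip warns against.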
Answer this question in the comments below: What's the dumbest password you ever used? (Please don't post your password unless you've wised up and no longer use it.)
UPDATE: Props to the readers for their clever suggestions: "********" is definitely sneaky-dumb, Morty_whatever, and we should all be impressed with your civic-mindedness, Scotch Bonnet. Still, the most creative (if probably still crackable) password suggestion goes to nyty nyt: "I use my Blues Name. A childhood disease followed by a US President's name: Mumps Washington, Measles Jackson, etc." Thanks for playing.