If your password is on this list, you should probably change it.
SplashData has released its annual list of the 25 most common passwords found on the Internet – which makes them the most vulnerable to hacking and stolen identities.
The list is compiled from more than 3.3 million leaked passwords during the year. The passwords were mostly held by users in North American and Western Europe.
SplashData’s “Worst Passwords of 2014”:
1 123456 (Unchanged from 2013)
2 password (Unchanged)
3 12345 (Up 17)
4 12345678 (Down 1)
5 qwerty (Down 1)
6 1234567890 (Unchanged)
7 1234 (Up 9)
8 baseball (New)
9 dragon (New)
10 football (New)
11 1234567 (Down 4)
12 monkey (Up 5)
13 letmein (Up 1)
14 abc123 (Down 9)
15 111111 (Down 8)
16 mustang (New)
17 access (New)
18 shadow (Unchanged)
19 master (New)
20 michael (New)
21 superman (New)
22 696969 (New)
23 123123 (Down 12)
24 batman (New)
25 trustno1 (Down 1)
SplashData releases its annual list in an effort to encourage the adoption of stronger passwords.
They say you shouldn’t use passwords based on simple patterns or passwords comprised entirely of numbers.
Other tips from a review of this year’s Worst Passwords List include:
- Don’t use a favorite sport as your password – “baseball” and “football” are in top 10, and “hockey,” “soccer” and “golfer” are in the top 100. Don’t use a favorite team either, as “yankees,” “eagles,” “steelers,” “rangers,” and “lakers” are all in the top 100.
- Don’t use your birthday or especially just your birth year — 1989, 1990, 1991, and 1992 are all in the top 100.
- While baby name books are popular for naming children, don’t use them as sources for picking passwords. Common names such as “michael,” “jennifer,” “thomas,” “jordan,” “hunter,” “michelle,” “charlie,” “andrew,” and “daniel” are all in the top 50.
Also in the top 100 are swear words and phrases, hobbies, famous athletes, car brands, and film names.