The completely guessable “123456” is the worst password of the year, according to an annual list released by the security firm SplashData.
And by “worst” we mean most commonly used. SplashData analyzed five million leaked passwords over the past 12 months, as noted by TechRadar. While the six-number series did beat out the old standby “password” (which slipped to fourth), the 123456 login was used by an estimated three percent of all users.
Two new entries on the annual list this were “1q2w3e4r” and “qwertyuiop,” which seem like more intricate combinations but are still extremely unsafe. “We can tell that over the years people have begun moving toward more complex passwords, though they are still not going far enough as hackers can figure out simple alphanumeric patterns,” says Morgan Slain, CEO of SplashData.
Their suggestions? Use passphrases of twelve characters or more with mixed types of characters, use a different password for each of your logins, and use a password manager (they recommend their own services, natch; we haven’t tried ’em, but we personally like Dashlane). The good news is that many programs and sites now forbid the use of simple passwords.
But if you’re using an older program, these are the ten passcodes to avoid at all cost:
- 123456
- 123456789
- qwerty
- password
- 1234567
- 12345678
- 12345
- iloveyou
- 111111
- 123123
You can find more online security tips here and here.
Subscribe here for our free daily newsletter.
Thanks for reading InsideHook. Sign up for our daily newsletter and be in the know.
