Password management company SplashData has released its annual list of the 25 worst passwords you can use online.
The passwords on the list are the most commonly used keys on the Internet, making those that use them vulnerable to being hacked or having their data or identities stolen.
SplashData’s list was derived from over 3.3 million leaked passwords from 2014, mostly from North America and Europe.
“123456” and “password” continue to hold the top two spots, as they have each year since the first list in 2011, the group said.
“As in past years’ lists, simple numerical passwords remain common, with nine of the top 25 passwords on the 2014 list comprised of numbers only,” SplashData said.
Passwords appearing for the first time on SplashData’s list include “696969”, “superman”, and “batman.”
Here are the 25 worst passwords, and their change in rank from 2013.
|Rank||Password||Change from 2013|
Common names such as “michael,” “jennifer,” “thomas,” “jordan,” “hunter,” “michelle,” “charlie,” “andrew,” and “daniel” were all in the top 50.
Also in the top 100 were swear words and phrases, hobbies, famous athletes, car brands, and film names.
To avoid making yourself vulnerable, SplashData offered the following advice:
- Don’t use a favourite sport or favourite sports team as your password.
- Don’t use your birthday, especially not just your birth year.
- While baby name books are popular for naming children, don’t use them as sources for picking passwords.
- Avoid using a sequence such as “qwertyuiop,” which is the top row of letters on a standard keyboard, or “1qaz2wsx” which comprises the first two ‘columns’ of numbers and letters on a keyboard.