Still Report #687 – Worst Passwords of 2015

from Bill Still

The new 2015 Most Popular Passwords list is out. Every year the commercial password manager SplashData publishes a list of the most popular passwords compiled from 2 million stolen passwords from users in North America and Western Europe.
The list includes in parenthesis whether the password went up or down compared to last year’s list. For example, the most used password remained static from last year – 123456.
[insert list]
1. 123456 (Static)
2. password (Static)
3. 12345678 (Up 1)
4. qwerty (Up 1)
5. 12345 (Down 2)
6. 123456789 (Static)
7. football (Up 3)
8. 1234 (Down 1)
9. 1234567 (Up 2)
10. baseball (Down 2)
11. welcome (New)
12. 1234567890 (New)
13. abc123 (Up 1)
14. 111111 (Up 1)
15. 1qaz2wsx (New)
16. dragon (Down 7)
17. master (Up 2)
18. monkey (Down 6)
19. letmein (Down 6)
20. login (New)
21. princess (New)
22. qwertyuiop (New)
23. solo (New)
24. passw0rd (New)
25. starwars (New)
New entries towards the bottom of the list #21, #23, and #25 were probably inspired by the return of the Star Wars film series.
The SplashData experts say if you have spotted your password on this list, you’d better change it. They also recommend a unique password for every one of your online accounts.
According to Morgan Slain, CEO of SplashData:
“Passwords based on simple patterns on your keyboard remain popular despite how weak they are.”
“Any password using numbers alone should be avoided, especially sequences.”
“For example, users should avoid a sequence such as ‘qwertyuiop’, which is the top row of letters on a standard keyboard, or ‘1qaz2wsx’ which comprises the first two ‘columns’ of numbers and letters on a keyboard.”
Don’t use a favorite sport as your password – “baseball” and “football” are in top 10, and “hockey,” “soccer” and “golfer” are in the top 100. Don’t use a favorite team either, as “yankees,” “eagles,” “steelers,” “rangers,” and “lakers” are all in the top 100.”
Don’t use your birthday or especially just your birth year — 1989, 1990, 1991, and 1992 are all in the top 100.
While baby name books are popular for naming children, don’t use them as sources for picking passwords. Common names such as “michael,” “jennifer,” “thomas,” “jordan,” “hunter,” “michelle,” “charlie,” “andrew,” and “daniel” are all in the top 50.
Also in the top 100 are swear words and phrases, hobbies, famous athletes, car brands, and film names.
One tip for generating good passwords is to use the first letter from the first few words a favorite song or a poem or bible verse, capitalize one or more of the letters and throw in a couple of numbers that you can remember.
I’m still reporting from Washington, good day.