Which are the worst passwords of 2015?

Pierluigi Paganini January 20, 2016

SplashData has published its fifth annual report on most used passwords in 2015, including the list of the Worst passwords of the year.

For the fifth time, experts from the SplashData security firm have published a report, titled “Worst Passwords of 2015”  that analyzes the use of passwords in 2015. The researchers compiled the annual report with data related more than two million leaked passwords during 2015, mostly held by users in North America and Western Europe.

I tell you now that nothing has changed and that despite the awareness of cyber threats is increased, users continue to make the same errors adopting weak and predictable passwords

The most used passwords were “123456” and “password,” exactly the same since 2011! Also in 2015 users used simple numerical passwords, with six of the top 10 passwords on the 2015 list comprised of numbers only.

Some users have started using new and longer passwords in an attempt to improve their security, or simply because websites forced them to do so, however are still easy to guess.

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” explained SplashData chief executive Morgan Slain.

“As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.”

Let me show you how users’ worst passwords have evolved in the last three years:

Worst Password Infographic-2013-rev011814

Below the situation in 2014

Worst Passwords 2014

And in 2015, the list included the following strings:

worst passwords 2015_ 2

 

Sports remain a popular password theme, but this year “football” has overtaken baseball, clear change of the Americans’ passions.

Very common are also terms used in the Star Wars saga, for the fist time in the list of worst passwords list we see terms like “starwars,” “solo,” and “princess.” Other novelties respect the 2014 list are “welcome”, “login” and “passw0rd.”

Below the complete list of the worst passwords of 2015, is you are using one of them is time to change it!

Rank Password Change from 2014
1 123456 Unchanged
2 password Unchanged
3 12345678 Up 1
4 qwerty Up 1
5 12345 Down 2
6 123456789 Unchanged
7 football Up 3
8 1234 Down 1
9 1234567 Up 2
10 baseball Down 2
11 welcome New
12 1234567890 New
13 abc123 Up 1
14 111111 Up 1
15 1qaz2wsx New
16 dragon Down 7
17 master Up 2
18 monkey Down 6
19 letmein Down 6
20 login New
21 princess New
22 qwertyuiop New
23 solo New
24 passw0rd New
25 starwars New

If you want to have more information on the topic give a look to the “Worst passwords ebook” published by the company

Pierluigi Paganini

(Security Affairs – Worst passwords, Spash data)



you might also like

leave a comment