Man at His Best

'Football' And 'Hello' Amongst Worst Offenders In Annual Worst Passwords List

Is yours on there? If so, have a word.

BY Editors | Dec 26, 2017 | Culture

Image from Getty

Cybersecurity is an ever-growing issue and 2017 has seen a string of data breaches as hackers seize our personal information.

With that in mind, it is hard to believe that anyone in this day and age would use the word 'password' as their password, and yet the annual Word Passwords of the Year list from SplashData has confirmed people really are that stupid.

Their list ranked the worst 25 passwords for putting users at risk, and whilst some offenders have lingered from past lists - the number one entry of "123456" is unmoved from last year - there's been a new addition of "starwars" at number 16.

“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use,” explains Morgan Slain, the droll CEO of SplashData, Inc.

“Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”

Here's their top 25 Worst Passwords of 2017:

1 - 123456 (rank unchanged since 2016 list)
2 - password (unchanged)
3 - 12345678 (up 1)
4 - qwerty (Up 2)
5 - 12345 (Down 2)
6 - 123456789 (New)
7 - letmein (New)
8 - 1234567 (Unchanged)
9 - football (Down 4)
10 - iloveyou (New)
11 - admin (Up 4)
12 - welcome (Unchanged)
13 - monkey (New)
14 - login (Down 3)
15 - abc123 (Down 1)
16 - starwars (New)
17 - 123123 (New)
18 - dragon (Up 1)
19 - passw0rd (Down 1)
20 - master (Up 1)
21 - hello (New)
22 - freedom (New)
23 - whatever (New)
24 - qazwsx (New)
25 - trustno1 (New)

And if you're one of the near 10% of people SplashData estimate have used one of these passwords on the list, fear not, they have some security advice for you.

1. Use passphrases of twelve characters or more with mixed types of characters including upper and lower cases.

2. Use a different password for each of your website logins. If a hacker gets your password they will try it to access other sites.

3. Protect your assets and personal identity by using a password manager to organise passwords, generate secure random passwords, and automatically log into websites.

And don't be stupid.

From: Esquire UK


COMMENTS