Thursday, January 23, 2014

A new 'worst password' king emerges for 2013: '123456' dethrones 'password'

It is now 2014, and as such, time for all the remaining "Best of 2013" awards to be announced. As Time reported on Monday, one of those awards, really a "Worst of" award, saw the 2012 king dethroned.

It was the worst password award of 2013, and 2012's champ, "password," was dethroned by "123456." SplashData, which makes the SplashID secure password database app, compiled the data from files containing millions of stolen passwords that were leaked online during 2013.

The top 25 list of insecure passwords includes a number of past favorites. Numeric sequences were popular -- they have popular in many hacks, including the massive LinkedIn leak in 2012 -- and it was somewhat hilarious to see the list include passwords such as "photoshop" and "adobe123," apparently coming from the October 2013 Adobe leak.

Morgan Slain, CEO of SplashData, said:
Seeing passwords like "adobe123" and "photoshop" on this list offers a good reminder not to base your password on the name of the website or application you are accessing.

SplashData's list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords. Some other passwords in the Top Ten include "qwerty," "abc123," "111111," and "iloveyou."

Another interesting aspect of this year's list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies," Slain said. For example, new to this year's list are simple and easily guessable passwords like "1234" at #16, "12345" at #20, and "000000" at #25.
The top 25 list of worst passwords follows:
  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. abc123
  6. 123456789
  7. 111111
  8. 1234567
  9. iloveyou
  10. adobe123
  11. 123123
  12. admin
  13. 1234567890
  14. letmein
  15. photoshop
  16. 1234
  17. monkey
  18. shadow
  19. sunshine
  20. 12345
  21. password1
  22. princess
  23. azerty
  24. trustno1
  25. 000000

No comments: