MONTREAL -- For the first time in almost a decade of SplashData's annual accounting of the opposite of creativity when protecting your identity, bank account or social media profile, "password" was bumped off the top two spots on the Worst Passwords of the Year list.
Though he may have other stresses in his life at the moment, the US President may be pleased (or displeased) to know that "donald" found its way off the top 25 most dangerous and commonly leaked passwords by hackers.
Game of Thrones fans, however, may have had something to do with "dragon" making its first appearance on the list.
SplashData CEO Morgan Slain advises staying away from politicians, celebrities and sports stars when choosing a password.
“Invoking the name of the president or any other celebrity as your password is a dangerous decision, one that hackers will exploit and put you at substantial risk of having your identity stolen,” he said.
Topping the list, as it did last year, is the all-too-common choice of the predictable: "123456".
Many computer programs and apps now prevent users from choosing simple and easily guessable words and alphanumeric patterns, but older applications and some websites still allow people to create weak passwords.
SplashData annually analyses millions of leaked passwords to determine the ones most used over the year. In addition to the usual suspects, "princess", "iloveyou", "welcome" and "admin" appear on the list each year.
"Our hope by publishing this list each year is to convince people to take steps to protect themselves online, and we think these and other efforts are finally starting to pay off," said Slain.
The 25 worst passwords are:
- 123456 (rank unchanged from 2018)
- 123456789 (up 1)
- qwerty (Up 6)
- password (Down 2)
- 1234567 (Up 2)
- 12345678 (Down 2)
- 12345 (Down 2)
- iloveyou (Up 2)
- 111111 (Down 3)
- 123123 (Up 7)
- abc123 (Up 4)
- qwerty123 (Up 13)
- 1q2w3e4r (New)
- admin (Down 2)
- qwertyuiop (New)
- 654321 (Up 3)
- 555555 (New)
- lovely (New)
- 7777777 (New)
- welcome (Down 7)
- 888888 (New)
- princess (Down 11)
- dragon (New)
- password1 (Unchanged)
- 123qwe (New)
SplashData numbers suggest 10 per cent of the population have used at least one of the 25 worst passwords, and nearly 3 per cent choose "123456" as their line of defence against identity theft.
The password management application gives three tips for better safety against hackers:
- Use passphrases of twelve characters or more with mixed types of characters.
- Use a different password for each of your logins. That way, if a hacker gets access to one of your passwords, they will not be able to use it to access other sites.
- Protect your assets and personal identity by using a password manager to organize passwords, generate secure random passwords, and automatically log into websites.
