Throw out those bad passwords
California-based password management software specialist SplashData has released the results of its annual list of the internet’s worst passwords.
For the first time “password” has been knocked off the number one slot. This doesn’t mean people are getting more security minded, however, as it’s been replaced by the equally obvious “123456”.
SplashData compiles the list from files containing stolen passwords posted online during the previous year. This year’s list is heavily influenced by the large number of Adobe user passwords posted online following the company’s 2013 security breach. Morgan Slain, CEO of SplashData says, “Seeing passwords like ‘adobe123’ and ‘photoshop’ on this list offers a good reminder not to base your password on the name of the website or application you are accessing”.
The list shows that people continue to put themselves at risk by using weak passwords. “Another interesting aspect of this year’s list is that more short numerical passwords showed up even though websites are starting to enforce stronger password policies,” Slain says.
So password pickers, here are the top 25 worst choices of 2013:
SplashData offers some tips on making your passwords more secure. These include using passwords that are eight characters or more in length and which use a mix of characters. But it warns that even passwords which use common l33t-style substitutions like “dr4mat1c” can be vulnerable to attackers’ increasingly sophisticated technology.
It recommends using passphrases, combinations of short words separated by spaces — or other characters if the site doesn’t allow this — for example “cakes years birthday” or “smiles_light_skip?” It also recommends not using the same password for multiple websites, especially risky is using the same password for websites as you do for banking or email.
If you have trouble remembering all of your passwords, SplashData naturally recommends using a password manager application like its Splash ID Safe to take care of them.