Skip to main content

This is some lame stock art; but not as lame as using "password" as your password, which a lot of you apparently still do.PAWEL KOPCZYNSKI/Reuters

Dear everyone: Your password game is weak.

SplashData's annual "worst passwords people are still somehow still using" list has come out. They have done this for several years now, and it's appalling how foolishly bad the most common passwords still are. One of the new ones on this year's list was 696969, which proves crude references do not make good passwords. Another terrible password is "trustno1" which proves irony isn't dead.

Yes, it's true that for the most part passwords are just an annoying hurdle to clear before we can log in to social networks, e-mail, a favourite pay-meter newspaper, a bank account, or a million other single sign-in sites. Even though we know all about the big-time privacy breaches that happen seemingly every other day, we think hacking "can't happen to me."

Terrible passwords make it super easy for it to happen to you.

There are many reasons why a hacker or even just a moderately deviant jerk with a computer might decide to try and crack into your systems: maybe you annoyed one of them on social media, maybe you appear to have some money, maybe you know famous people and they are looking for photos? The most basic hacking technique is to try a number of common passwords: 123456, or Password or "qwerty"... things that aren't so much passwords as invitations to break in.

Don't use any of those. In fact, don't use any of the top 25 most common (and worst) passwords listed below. How does it know what the most common passwords are? "SplashData's top 25 list was compiled from files containing millions of stolen passwords posted online during the previous year." So don't be one of those people who's password gets stolen because it's laughably easy.

The most terrible passwords of 2014

1. 123456

2. password

3. 12345

4. 12345678

5. qwerty

6. 123456789

7. 1234

8. baseball

9. dragon

10. football

11. 1234567

12. monkey 1

13. letmein

14. abc123

15. 111111

16. mustang

17. access

18. shadow

19. master

20. michael

21. superman

22. 696969

23. 123123

24. batman

25. trustno1

As a postscript, most security experts agree that even long strings of numbers and characters can be broken by some of the sophisticated cracking tools out there given enough time. When 1l2jfdpa1954!923* can be guessed by software, what's the point of even having a password? Really, it's about not making it easy on potential intruders. And if you find those strong passwords daunting, there are password managing and generating tools like 1Password, PasswordSafe and LastPass that can help keep you safer. And as you might have guessed, SplashData also makes password managing software.

There's also some signs of hope: "The bad news from my research is that this year's most commonly used passwords are pretty consistent with prior years," online security expert Mark Burnett said in the company's release. "The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2 per cent of passwords exposed. While still frightening, that's the lowest percentage of people using the most common passwords I have seen in recent studies."

Follow related authors and topics

Authors and topics you follow will be added to your personal news feed in Following.

Interact with The Globe