People: What are you doing? This is just getting sad now.
Remember all of those password leak stories you’ve seen in the last few months? How many? One? Two? Three? More? While most of those leaks fall on the shoulders of the network security of the companies involved, they still reveal a shocking truth: People are terrible when it comes to choosing a proper password. And new data culled from these various leaks confirms this.
It’s time for SplashData‘s annual list of the 25 most-common passwords on the internet. They say their list is “just in time for Halloween” – it’s that scary. And yeah, that fact that people are still this clueless on the incredible insecurity of their information is truly frightening.
The most common password, as revealed by the study, is “password.” That remains unchanged from last year. In fact, the two three most-common passwords are the same as they were last year – “123456” and “12345678” being the other two.
New entries on the top 25 list include “welcome,” “jesus,” “ninja,” “mustang,” and “password1.”
Check out the complete list below:
1. password (Unchanged)
2, 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)
“We’re hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites,” said SplashData CEO Morgan Slain.
Well, it doesn’t seem to be working. We’ve known that people truly suck at picking passwords for some time, and it doesn’t seem to be changing. Want another example? Analysis of the aforementioned LinkedIn password leak showed that the top password for the leaked accounts was “link.”
Facepalm.