The worst passwords of 2014 prove that many of us do not need to be hacked

Every year, SplashData shares a list of the most common passwords in use. Not surprisingly, that list of “common” passwords is also the list of worst passwords as well. Not only are these passwords just plain terrible, but because they are so common, they do not need to be hacked.

We shared the list a few years ago, and while the rankings will jockey back-and-forth, the changes are not always significant. For 2014, a number of new additions made the list, more than a third of the top 25 worst passwords are new to the list, or returned after dropping off in past years’ lists.

For those that are fans of Mel Brooks’ classic, Space Balls, you will be glad to know that luggage combination "12345" moved up 17 spots, while the top spot is still occupied, “123456.”: The runner-up, “password,” is also unchanged.

New to the list, and making its appearance in spot number 8, is “baseball.” Other new arrivals include, “dragon,” “mustang,” “superman,” and “696969.” As you may have seen from time-to-time, T-Mobile CEO John Legere often jokingly refers to himself as “Batman,” lo-and-behold that password made its debut to the list of Worst Passwords for 2014.

The list really contains no good news, even with possible downward trends in the use of such silly passwords like “12345678,” and “111111,” or “123123,” it still shows that most people do not take safeguarding password protected services seriously.

So, if you have shunned using a pattern lock, or 4-digit PIN to lock your smartphone or tablet (or luggage), but used one of the passwords on this list, you provided about as much protection as setting up no password at all.

Here is the top 25 list of Worst Passwords for 2014:

1. 123456 (unchanged)
2. password (unchanged)
3. 12345 (up 17)
4. 12345678 (down 1)
5. qwerty (down 1)
6. 123456789 (unchanged)
7. 1234 (up 9)
8. baseball (new)
9. dragon (new)
10. football (new)
11. 1234567 (down 4)
12. monkey (up 5)
13. letmein (up 1)
14. abc123 (down 9)
15. 111111 (down 8)
16. mustang (new)
17. access (new)
18. shadow (unchanged)
19. master (new)
20. michael (new)
21. superman (new)
22. 696969 (new)
23. 123123 (down 12)
24. batman (new)
25. trustno1 (down 1)

Creating strong passwords is not so difficult. In lieu of using real words with numbers and symbols (like p@ssw0rd1!), instead, generate password through phrases. For example, if you take a phrase from your favorite song, like Bohemian Rhapsody, by Queen, “I see a little silhouette of a man, Scaramouch, Scaramouch!” Combine some numbers, and symbols and make your password, “1SALSOAM$$!”  Such passwords are extremely difficult to figure out through traditional brute-force hacks, and the phrase they are based on makes them very easy to remember.

source: SplashData