Worst passwords of 2012
Posted on 25 October 2012.
Just in time for Halloween comes something that might scare anyone who spends a lot of time online: SplashData's annual list of the most common passwords used on the Internet and posted by hackers. Users of any of these passwords are the most likely to be victims in future breaches.


In a year with several high profile password hacking incidents at major sites including Yahoo, LinkedIn, eHarmony, and Last.fm, SplashData's list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords.

The top three passwords, "password," "123456," and "12345678," remain unchanged from last year's list.

New entries to this year's list include "welcome, " "jesus," "ninja," "mustang, " and "password1."

"At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password,” said Morgan Slain, SplashData CEO. “We're hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites."

Presenting SplashData’s “Worst Passwords of 2012”, including their current ranking and any changes from the 2011 list:

1. password (Unchanged)
2, 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

SplashData’s top 25 list was compiled from files containing millions of stolen passwords posted online by hackers. The company advises consumers or businesses using any of the passwords on the list to change them immediately.

“Even though each year hacking tools get more sophisticated, thieves still tend to prefer easy targets,” Slain said. “Just a little bit more effort in choosing better passwords will go a long way toward making you safer online.”

You can make passwords more secure with these tips:
  • Use passwords of eight characters or more with mixed types of characters. One way to create longer, more secure passwords that are easy to remember is to use short words with spaces or other characters separating them. For example, “eat cake at 8!” or “car_park_city?”
  • Avoid using the same username/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online email, social networking, and financial services. Use different passwords for each new website or service you sign up for.
  • Having trouble remembering all those different passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites.





Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //