October 24, 2014

What were the 25 worst passwords of 2012?

(LiveHacking.Com) – This year has seen many high-profile data breaches, including Yahoo and LinkedIn, where user information, including passwords, has been taken from supposedly secure servers. The humble password remains the single most used method of authentication and is used for a whole range of services including email, online payment systems and online shopping. The problem is that there is still a large portion of people who don’t take passwords seriously.

SplashData has published its annual “25 Worst Passwords of the Year” list and, unsurprisingly, last year’s top three passwords, “password,” “123456,” and “12345678,” still hold the top three spots in 2012. These aren’t imaginary passwords or passwords to unlock a screen saver on the kids’ PC; these are real passwords compiled from files of stolen passwords posted online by hackers.

There are, however, some new entries in the top 25 this year, including “welcome”, “ninja”, “mustang” and “password1”. But they only continue to show the lack of imagination people have when creating a new password.

According to howsecureismypassword.net, a modern cracking system can break an 8-letter password made up of lowercase letters in less than a minute, whereas a 10-character password made up of uppercase letters, lowercase letters, symbols and numbers would take 58 years!

Therefore I recommend that you use passwords of at least 10 characters with mixed case, digits and symbols. The perfect 10-character password would be something like sKy12get33%; however, that can be hard to remember. An easier-to-remember password which fulfills these criteria might be something like gon3%Home!

You should always avoid using the same username and password combination for multiple websites. This year, when LinkedIn was hacked, the biggest danger was not unauthorized access to LinkedIn (as it quickly forced users to change their passwords) but rather that, if the same username and password were used elsewhere, cyber-criminals could gain access to email accounts or services like eBay.

Here is the full top 25 list of passwords you should definitely avoid!

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)
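
The recommendation and the list above can be combined into a single screening check at account creation. The following Python sketch is an added example, not code from the article or from SplashData; the function names are hypothetical, and treating a listed word with trailing digits or symbols as "derived from the list" is an assumption that goes beyond the article's advice.

```python
import math
import string

# The 25 passwords from the list above.
WORST_2012 = frozenset("""password 123456 12345678 abc123 qwerty monkey letmein
dragon 111111 baseball iloveyou trustno1 1234567 sunshine master 123123 welcome
shadow ashley football jesus michael ninja mustang password1""".split())

MIN_LENGTH = 10  # the article's recommended minimum
CLASSES = [  # (label, characters, pool size) for each recommended class
    ("lowercase", string.ascii_lowercase, 26),
    ("uppercase", string.ascii_uppercase, 26),
    ("digit", string.digits, 10),
    ("symbol", string.punctuation, 32),
]


def base_word(password):
    """Lowercase and strip trailing digits/symbols: 'Password1!' -> 'password'."""
    return password.lower().rstrip(string.digits + string.punctuation)


def keyspace_bits(password):
    """log2 of the brute-force search space for the ASCII classes in use."""
    pool = sum(size for _, chars, size in CLASSES
               if any(c in chars for c in password))
    return len(password) * math.log2(pool) if pool else 0.0


def check(password):
    """Return the reasons to reject a password; an empty list means accepted."""
    problems = []
    # Assumption: a listed word plus trailing digits/symbols is still weak,
    # even when it satisfies the length and character-class rules.
    if password.lower() in WORST_2012 or base_word(password) in WORST_2012:
        problems.append("on or derived from the worst-passwords list")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 10 characters")
    missing = [label for label, chars, _ in CLASSES
               if not any(c in chars for c in password)]
    if missing:
        problems.append("missing: " + ", ".join(missing))
    return problems


if __name__ == "__main__":
    for candidate in ("ninja", "Password1!", "gon3%Home!"):
        print(candidate, round(keyspace_bits(candidate), 1), check(candidate))
```

Note that "Password1!" meets the length and character-class rules on its own, so only the list comparison rejects it.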

 

 
