25 Worst Passwords Of 2011 [Study]

[george]

25 Worst Passwords of 2011 [sTUDY]

Pro tip: choosing “password” as your online password is not a good idea. In fact, unless you’re hoping to be an easy target for hackers, it’s the worst password you can possibly choose.

“Password” ranks first on password management application provider SplashData’s annual list of worst internet passwords, which are ordered by how common they are. (“Passw0rd,” with a numeral zero, isn’t much smarter, ranking 18th on the list.)

The list is somewhat predictable: Sequences of adjacent numbers or letters on the keyboard, such as “qwerty” and “123456,” and popular names, such as “ashley” and “michael,” all are common choices. Other common choices, such as “monkey” and “shadow,” are harder to explain.

As some websites have begun to require passwords to include both numbers and letters, it makes sense varied choices, such as “abc123″ and “trustno1,” are popular choices.

SplashData created the rankings based on millions of stolen passwords posted online by hackers. Here is the complete list:

1. password

2. 123456

3.12345678

4. qwerty

5. abc123

6. monkey

7. 1234567

8. letmein

9. trustno1

10. dragon

11. baseball

12. 111111

13. iloveyou

14. master

15. sunshine

16. ashley

17. bailey

18. passw0rd

19. shadow

20. 123123

21. 654321

22. superman

23. qazwsx

24. michael

25. football

SplashData CEO Morgan Slain urges businesses and consumers using any password on the list to change them immediately.

“Hackers can easily break into many accounts just by repeatedly trying common passwords,” Slain says. “Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft.”

The company provided some tips for choosing secure passwords in a statement:

1. Vary different types of characters in your passwords; include numbers, letters and special characters when possible.

2. Choose passwords of eight characters or more. Separate short words with spaces or underscores.

3. Don’t use the same password and username combination for multiple websites. Use an online password manager to keep track of your different accounts.

Are these lists helpful? Do you need to rethink any of your password choices? Let us know in the comments.

-- mashable 2011-11-18

[bkkjames]

anyone who uses Password as their password, should have it hacked

(Smokes, hurry up and change yours mate)

[smokie36]

anyone who uses Password as their password, should have it hacked

(Smokes, hurry up and change yours mate)

No need....I can't remember my password.....so no one else has a hope in hell!

[TommyDee]

huge company i was with many moons ago..

Usr..Admin PW Admin

Usr..Sysop PW Sysop

Usr. Admin PW None

still come across these on a regular basis

[ignis]

anyone who uses Password as their password, should have it hacked

(Smokes, hurry up and change yours mate)

No need....I can't remember my password.....so no one else has a hope in hell!

Yes that is fine until you have to leave your home for weeks, due to floods and cannot log in to any account

[smokie36]

anyone who uses Password as their password, should have it hacked

(Smokes, hurry up and change yours mate)

No need....I can't remember my password.....so no one else has a hope in hell!

Yes that is fine until you have to leave your home for weeks, due to floods and cannot log in to any account

Its OK...I just remembered mine...and you can use it as well if ya like.

Its bkkjameshasneverbeentooldtraffordlmao .....easy to remember!

[h90]

so is it wrong to enter "Password" when the computer asks me "Please enter Password"?

[bkkjames]

anyone who uses Password as their password, should have it hacked

(Smokes, hurry up and change yours mate)

No need....I can't remember my password.....so no one else has a hope in hell!

Yes that is fine until you have to leave your home for weeks, due to floods and cannot log in to any account

Its OK...I just remembered mine...and you can use it as well if ya like.

Its bkkjameshasneverbeentooldtraffordlmao .....easy to remember!

Not bad Smokes for a Friday>>>>but it's early yet.

[smokie36]

Not bad Smokes for a Friday>>>>but it's early yet.

Speak for yerself James...I just cracked a bottle of Chateau de Lisennes 2001!

[ignis]

3. Don’t use the same password and username combination for multiple websites. Use an online password manager to keep track of your different accounts.

Not a lot of help if your flooded and away for weeks, or your PC has to be re-formatted

I use all the same 2 names and 2 B'day dates, but all are different, so at least I know the basic password, just have to try which order or which ones have the - or _ in them.

Edited November 19, 2011 by ignis

[nikster]

so is it wrong to enter "Password" when the computer asks me "Please enter Password"?

Hmm... could that possibly explain the #1 ranking of "Password"?

That would be even funnier than just a poor choice

Just read a study recently that identified short sentences as the best choice... like "go on then" as a password is pretty much un-crackable. It's better than, say, "@!a#F6" because it has more possible combinations and you can actually remember it easily which reduces the chance that you're going to have to write it down somewhere.

That said I store all my really complicated passwords in my password-protected keychain, without attribution. That is - I know that this is my online banking password, but I am not writing that fact down in the keychain. So even in the unlikely case somebody would get into the (master-password-protected) keychain, they wouldn't know where to use those passwords. I also only store hints, not the actual passwords.

For all not-security-relevant sites I use simple passwords.