Terrible passwords of 2011

A company called SplashData created a list of what is called the top 25 worst passwords of 2011. SplashData compiles this list yearly to highlight the dangers of using simple passwords that are easy to guess.

Photo from Creative Commons.

The most surprising result of this research was that “password” was still the number one worst and most commonly used password to date. Many users are still falling back on it as their means to access online accounts. This is startling because most security guidelines for websites actively attempt to discourage users from using “password” as their password.

The list, released by SplashData, was created by trolling through thousands of public passwords posted by hackers. The data collected from that list then led to the creation of the worst passwords of 2011. The following list is the top 25.

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkey
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  11. baseball
  12. 111111
  13. iloveyou
  14. master
  15. sunshine
  16. ashley
  17. bailey
  18. passw0rd
  19. shadow
  20. 123123
  21. 654321
  22. superman
  23. qazwsx
  24. michael
  25. football

It’s sort of ironic that the password “trustno1” ranks number nine on the list. Clearly people are not nearly as creative as they would like to think. While this list will hopefully show people to be more careful with their passwords, this list gives the public a glimpse into the lack of creativity in the process of password creation.

Think your password was clever? Try again! Photo from Creative Commons.

It’s easy to make a password that is difficult to guess and it only takes a few seconds to accomplish. The first and most important step is to never use a word as a password. Using a word or phrase as a password makes it easier for programs and hackers to guess what passwords are, even if they are cleverly disguised with switching numbers in for letters. Use all of the characters that the website allows you to when creating a password, many places now allow punctuation to be included in passwords. Never use the same password for multiple accounts; this is how many phishing scams gain access to multiple accounts from a single user.

There are many reasons why people don’t follow these steps. One is that it’s just too easy to think of one password and use it for everything, that way you don’t need to remember more than one. Words and phrases are also easier to remember than a random stream of letters, numbers and punctuation. However, there are things out there that are designed to help make secure Internet passwords easier to manage. Password managers are a good way to keep track of your passwords, but they can also be a good way for others to keep track. Many password managers allow users to put in a master pass-code locking it and preventing anyone who is not supposed to from accessing user’s accounts.

Simple steps are all it takes to keep online accounts safe. While it may be a pain initially using difficult passwords, in the long run it may end up saving users some major headaches.