Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

"I knew I shouldn't have used 'qwerty' as a password". Shutterstock/GooGag
D'oh!

If you see your password on this list, change it immediately

Unless you really, really think the likes of ’123456′ is going to keep your account safe.

GOOD PASSWORDS ARE essential to a safe account yet for some people, it’s treated as an afterthought where they choose the easiest thing to remember.

And in the case of SplashData’s annual bad password list, very little has changed from last year or the year before.

It analysed two million passwords that were leaked in 2015 and it found the most popular bad password continues to be ’123456′, followed by ‘password’, ’12345678′ and ‘qwerty’.

There were some attempts at creativity with ’1qaz2wsx’ and Star Wars-themed entries like ‘solo’ and ‘starwars’ but all of them have the same problem: they’re short, they’re common words or entries, they all use lower case words and/or numbers, and the typing patterns are easy to guess.

The list is as follows.

1) 123456
2) password
3) 12345678
4) qwerty
5) 12345
6) 123456789
7) football
8) 1234
9) 1234567
10) baseball

11) welcome
12) 1234567890
13) abc123
14) 111111
15) 1qaz2wsx
16) dragon
17) master
18) monkey
19) letmein
20) login

21) princess
22) qwertyuiop
23) solo
24) passw0rd
25) starwars

So what can you do to make a password stronger? Well not using any of the above examples is a good start, but there are some extra steps you can take.

The longer a password is, the better, but you should strengthen it by using capital letters, numbers and symbols as well. A good way of remembering is to use random phrases and split them up using symbols to strengthen them (something like ‘fire_Android+The42′). It’s not foolproof, but it will make your account harder to crack.

You can take things a step further by activating two-step verification (requiring a code from your phone to access an account) or invest in a password manager like 1Password, Dashlane or Sticky Password which encrypt your passwords, create random, complex ones for your accounts and only require one master password to remember.

And more importantly, don’t use the same password for two or more accounts. If one of them is compromised, then it puts the others at risk.

Read: The classic game Doom gets its first new level in 21 years >

Read: Your iPhone could be showing you the wrong battery percentage >

Your Voice
Readers Comments
48
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.