WorstPassword-Infographic

The 2012 sequel to SplashData’s initial “worst passwords” report proved that not much had changed in terms of user behavior. Here are the Worst Passwords of 2012:


SplashData Press Release

Worst Passwords of 2012 — and How to Fix Them

In a year loaded with password breaches – Yahoo!, LinkedIn, eHarmony and Last.fm, among others – SplashData Reveals Its Annual “25 Worst Passwords of the Year” List

LOS GATOS, CA — Just in time for Halloween comes something that might scare anyone who spends a lot of time online: SplashData’s annual list of the most common passwords used on the Internet and posted by hackers. Users of any of these passwords are the most likely to be victims in future breaches.

In a year with several high profile password hacking incidents at major sites including Yahoo, LinkedIn, eHarmony, and Last.fm, SplashData’s list of frequently used passwords shows that many people continue to put themselves at risk by using weak, easily guessable passwords.

The top three passwords, “password,” “123456,” and “12345678,” remain unchanged from last year’s list.

New entries to this year’s list include “welcome, ” “jesus,” “ninja,” “mustang, ” and “password1.”

SplashData, provider of the SplashID Safe line of password management applications, releases its annual list in an effort to encourage the adoption of stronger passwords.

“At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password,” said Morgan Slain, SplashData CEO. “We’re hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites.”

Presenting SplashData’s “Worst Passwords of 2012”:

Rank     Password            Change from 2011
1               password                 Unchanged
2               123456                    Unchanged
3               12345678                Unchanged
4               abc123                     Up 1
5               qwerty                     Down 1
6               monkey                   Unchanged
7               letmein                    Up 1
8               dragon                     Up 2
9               111111                       Up 3
10             baseball                   Up 1
11             iloveyou                   Up 2
12             trustno1                  Down 3
13             1234567                  Down 6
14             sunshine                 Up 1
15             master                     Down 1
16             123123                    Up 4
17             welcome                 New
18             shadow                   Up 1
19             ashley                      Down 3
20             football                   Up 5
21             jesus                         New
22             michael                   Up 2
23             ninja                        New
24             mustang                 New
25             password1              New

SplashData’s top 25 list was compiled from files containing millions of stolen passwords posted online by hackers. The company advises consumers or businesses using any of the passwords on the list to change them immediately.
“Even though each year hacking tools get more sophisticated, thieves still tend to prefer easy targets,” Slain said. “Just a little bit more effort in choosing better passwords will go a long way toward making you safer online.”

SplashData suggests making passwords more secure with these tips:

Use passwords of eight characters or more with mixed types of characters. One way to create longer, more secure passwords that are easy to remember is to use short words with spaces or other characters separating them. For example, “eat cake at 8!” or “car_park_city?”

Avoid using the same username/password combination for multiple websites.  Especially risky is using the same password for entertainment sites that you do for online email, social networking, and financial services. Use different passwords for each new website or service you sign up for.

Having trouble remembering all those different passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites. There are numerous applications available, but choose one with a strong track record of reliability and security like SplashID Safe, which has a 10 year history and over 1 million users. SplashID Safe has versions available for Windows and Mac as well as smartphones and tablet devices.

“It just takes a few extra moments to make a password better,” Slain said. “If you get started now and make it a resolution to keep it up, your life online will be safer and more secure in 2013.”

# # #

About SplashData
SplashData has been a leading provider of password management applications for over 10 years. SplashID Safe (www.splashid.com) has grown to be most trusted multiplatform password solution for both the consumer and enterprise markets with over 1 million users worldwide. SplashID Safe’s popularity continues to rise as the number of user names, passwords, and account numbers most people have to remember is rapidly multiplying. At the same time, the risk of this kind of sensitive information falling into the wrong hands has never been greater. SplashID Safe helps solve this dilemma by creating an encrypted digital safe available on smartphones, computers, USB keys, or online, offering the peace of mind of being able to access critical information whenever needed while maintaining the security of 256-bit encryption. SplashData was founded in 2000 and is based in Los Gatos, CA.

Get started for FREE