While the old favorites remained the same, new words such as "welcome", "ninja", "jesus" and "mustang" highlight SplashData's annual list of the most common passwords used on the Internet and posted by hackers. Users of any of these passwords are the most likely to be victims in future breaches.
The top three passwords, "password," "123456," and "12345678," remain unchanged from last year's list.
"Those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password,” Morgan Slain, SplashData CEO, said in a press release. “We're hoping that with more publicity about how risky it is to use weak passwords, more people will start using stronger passwords and using different passwords for different websites."
Here are the "25 Worst Passwords of 2012”:
# Password Change from 2011
1. password Unchanged
2. 123456 Unchanged
3. 12345678 Unchanged
4. abc123 Up 1
5. qwerty Down 1
6. monkey Unchanged
7. letmein Up 1
8. dragon Up 2
9. 111111 Up 3
10. baseball Up 1
11. iloveyou Up 2
12. trustno1 Down 3
13. 1234567 Down 6
14. sunshine Up 1
15. master Down 1
16. 123123 Up 4
17. welcome New
18. shadow Up 1
19. ashley Down 3
20. football Up 5
21. jesus New
22. michael Up 2
23. ninja New
24. mustang New
25. password1 New
The list was compiled from files containing millions of stolen passwords posted online by hackers. The company advises consumers or businesses using any of the passwords on the list to change them immediately. “Even though each year hacking tools get more sophisticated, thieves still tend to prefer easy targets,” Slain said.
The company offers a two tips for more secure passwords:
- Use passwords of eight characters or more with mixed types of characters.
- Avoid using the same username/password combination for multiple websites.
