Our passwords are awful – Star Wars? Really?

20 Jan 2016

The annual look back on just how rubbish our passwords are shows that humanity never learns, with ‘123456’ and ‘password’ still the most common, awful choices in 2015.

Last year, passwords like ‘superman’, ‘batman’, ‘michael’ and ‘dragon’ caught our eye as surprisingly common, and obviously terrible, options.

Now, Splash Data’s 2015 findings show that cultural signifiers in real life are reflected in poor password choices. Though ‘dragon’, somehow, remains in the list.

So now instead of ‘superman’ we have ‘princess’, instead of ‘michael’ we have the troublingly obvious ‘welcome’ and, in place of ‘123123123’, ‘trustno1’ and ‘696969’, we have ‘starwars’, ‘solo’ and ‘login’.

Splash Data notes that some of the longer passwords that made the top 25 list of terrible options are so simple (1234567890, for example) that the extra characters are “virtually worthless”, which is a wonderful duo of words in this instance.

‘Baseball’ dropped three spots to seventh, while ‘football’ jumped the same amount to 10th.

“We have seen an effort by many people to be more secure by adding characters to passwords,” explained Morgan Slain, CEO of SplashData.

“But if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers.”

Tips to improve passwords are always the same, but that still doesn’t make them less important. Use long passwords with multiple cases and character types – for example, use #, €, or £ – and don’t reuse the same password on different sites.

The 25 worst passwords of 2015, according to Splash Data, are:

  1. 123456 (Unchanged)
  2. password (Unchanged)
  3. 12345678 (Up 1)
  4. qwerty (Up 1)
  5. 12345 (Down 2)
  6. 123456789 (Unchanged)
  7. football (Up 3)
  8. 1234 (Down 1)
  9. 1234567 (Up 2)
  10. baseball (Down 2)
  11. welcome (New)
  12. 1234567890 (New)
  13. abc123 (Up 1)
  14. 111111 (Up 1)
  15. 1qaz2wsx (New)
  16. dragon (Down 7)
  17. master (Up 2)
  18. monkey (Down 6)
  19. letmein (Down 6)
  20. login (New)
  21. princess (New)
  22. qwertyuiop (New)
  23. solo (New)
  24. passw0rd (New)
  25. starwars (New)

Stromtrooper image via af8images/Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com