PCR Tech and IT retail, distribution and vendor news
Every year, SplashData compiles a list of the 25 most popular online passwords, and 2015’s list proves that some things never change.
This time last year we posted the firm’s 2014 password list which showed how some were unchanged since 2013, including the top spot, the very imaginative 123456.
Get ready to shake your head in despair, as it looks like we’ve learnt nothing form the array of hacks and cyber attacks this year, as ‘123456’ is yet again the number one password.
If you use any of the following passwords, hang your head in shame and change them asap:
1. 123456 (Unchanged)
2. password (Unchanged)
3. 12345678 (Up 1)
4. qwerty (Up 1)
5. 12345 (Down 2)
6. 123456789 (Unchanged)
7. football (Up 3)
8. 1234 (Down 1)
9. 1234567 (Up 2)
10. baseball (Down 2)
11. welcome (New)
12. 1234567890 (New)
13. abc123 (Up 1)
14. 111111 (Up 1)
15. 1qaz2wsx (New)
16. dragon (Down 7)
17. master (Up 2)
18. monkey (Down 6)
19. letmein (Down 6)
20. login (New)
21. princess (New)
22. qwertyuiop (New)
23. solo (New)
24. passw0rd (New)
25. starwars (New)
If that hasn’t convinced you to better manage your passwords, here’s what some of the experts have to say:
"To reduce the risk of data loss, organisations need to enforce password best practices (length, strength, complexity), educate users on the importance of credential management, and roll out two factor authentication where applicable to ensure employees can’t use poor passwords on corporate resources,” said Gavin Millard, technical director EMEA at Tenable Network Security.
"In addition to using common passwords, such as can be seen in the top 25 password list compiled by SplashData, MWR’s research has shown that attackers can target the personal lives of users in order to improve their chances of guessing their password. This includes the kind of language that they use to post on social media, the organisation they work for and the kinds of websites they frequent. These factors can give an attacker an idea about the kind of password a user is likely to choose and target an attack against that user using this information,” warns Matt Marx, information security consultant at MWR InfoSecurity.
Image source: Shutterstock
