Passwords are getting longer, but they're not getting stronger.
For the first time last year, "1234567890," "qwertyuiop" (top row of keys on a standard keyboard) and "welcome" landed spots on the list of the year's most common passwords[1], according to data from SplashData, a Los Gatos, Calif.-based company that makes password-management applications. These examples are longer than perennial favorites "1234," "12345″ and "qwerty," which still rank high despite users knowing better, but they add little complexity.
"We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers," SplashData chief executive Morgan Slain said in a statement.
Though companies often deal with complex security problems, like software bugs in home routers[2], lame passwords are still an issue. SplashData compiled data from more than 2 million leaked passwords that were posted online by hackers. Most of the data came from people in North America and Western Europe.
The top passwords of 2015 were also a reflection of the year. Two new entries on the list were "starwars" and "solo."
Until all passwords are replaced with fingerprint readers, facial or voice recognition[3], good passwords should include at least 12 characters with combinations of upper- and lower-case letters, numbers and special characters–definitely not "password," "football" or "abc123," according to SplashData. Here's Personal Tech columnist Geoffrey A. Fowler's tips on using third-party password managers[4].
Here are the most popular passwords found in data leaks during the year, according to SplashData:
- 123456
- password
- 12345678
- qwerty
- 12345
- 123456789
- football
- 1234
- 1234567
- baseball
- welcome
- 1234567890
- abc123
- 111111
- 1qaz2wsx
- dragon
- master
- monkey
- letmein
- login
- princess
- qwertyuiop
- solo
- passw0rd
- starwars
______________________________________________________
For the latest news and analysis, follow @wsjd[5].
And like us on Facebook to get our news right in your feed:
[6]
Get breaking news and personal-tech reviews delivered right to your inbox[7].
More from WSJ.D: And make sure to visit WSJ.D[8] for all of our news, personal tech coverage, analysis and more, and add our XML feed[9] to your favorite reader.
References
- ^ list of the year's most common passwords (www.teamsid.com)
- ^ like software bugs in home routers (www.wsj.com)
- ^ Until all passwords are replaced with fingerprint readers, facial or voice recognition (www.wsj.com)
- ^ tips on using third-party password managers (www.wsj.com)
- ^ follow @wsjd (twitter.com)
- ^ like us on Facebook (www.facebook.com)
- ^ delivered right to your inbox (online.wsj.com)
- ^ visit WSJ.D (www.wsjd.com)
- ^ add our XML feed (online.wsj.com)