Don’t use these passwords. Sincerely, the World Wide Web

Think you’re protected from web attacks with your strong passwords? When hackers seize control of computers to create botnets, they can cause plenty of collateral damage, and their ticket in is often stupid-simple: terrible passwords. SplashData has just released its annual list of the worst of them, and things have changed depressingly little over last year. The most commonly hacked password is still “123456,” which edged out the perennial I-can’t-believe-people-still-use-this entry, “password.” Other top picks in the an alphanumeric hall of shame are “12345678,” “qwerty,” “monkey” and new this year, “batman.” According to security expert Mark Burnett, the top 25 passwords (below) represent an eye-popping 2.2 percent of passwords exposed.

Firewall lock on mainboard , concept background

The good news is that fewer people are using bad passwords than in 2013, perhaps thanks to some well-publicized data breaches at Sony, Target and elsewhere. SplashData reminds folks to create passwords with eight, mixed characters not based on easy-to-brute-force dictionary words — even with substitutions like “dr@mat1c.” As pointed out by Buffer Open, other methods include pass phrases, mnemonic devices and other memory tricks — including a gem from XKCD. Since you shouldn’t use the same password on more than one site, it’s also a good idea to use one of the many password managers out there, like LastPass or SplashID. Those let you access your entire collection of passwords with just a single passphrase — one that had better be a lot stronger than “123456.”

Rank Password Change from 2013
1 123456 Unchanged
2 password Unchanged
3 12345 Up 17
4 12345678 Down 1
5 qwerty Down 1
6 123456789 Unchanged
7 1234 Up 9
8 baseball New
9 dragon New
10 football New
11 1234567 Down 4
12 monkey Up 5
13 letmein Up 1
14 abc123 Down 9
15 111111 Down 8
16 mustang New
17 access New
18 shadow Unchanged
19 master New
20 michael New
21 superman New
22 696969 New
23 123123 Down 12
24 batman New
25 trustno1 Down 1

About Justin Heintz

Hi there! Justin is currently 23 years old and was raised in the San Francisco Bay Area and is the Digital Media Director for 88.7 The Pulse.