Slowly but surely, it seems as though the public are beginning to take a little more care about the passwords they use. A study shows that the ‘imaginative’ “123456” is still the most popular, but people are moving away from using such common passwords.
The SplashData survey was conducted by compiling more than 3.3 million passwords leaked during 2014. The top two, “123456” and “password” are still the most popular, while numerical combinations make up nine of the top 25 passwords.
“Passwords based on simple patterns on your keyboard remain popular despite how weak they are,” said Morgan Slain, CEO of SplashData. “Any password using numbers alone should be avoided, especially sequences. As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure,” the company's website stated.
However, the top 25 most common passwords now only account for 2.2 percent of those leaked, so it would seem that some progress is being made. When SplashData started compiling their list four years ago, the top 25 accounted for six percent of leaky passwords.
"It's humorous, in some respects," said Chris Doggett of the IT security firm Kaspersky Lab. "But I think, generally, user awareness has gotten better. People are smarter and, generally speaking, know to be suspicious about e-mails from people they don't know and clicking on links," the Washington Post reported.
More people need to use "password" as password, #2 is not acceptable! http://t.co/uaGmzaS6PW#worstpasswords2014 by @splashdata
— Theodore Surjo (@println_ts) January 21, 2015
Slain, also warned against using one’s favorite sport, or sports team as a password, such as “football,” or “hockey.” He says by publishing such lists, it can help raise awareness amongst the public about the need for introducing strong passwords.
“As always, we hope that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites," he said.