Most of us use easy passwords like '123456' but Star Wars codes are on the rise

April 2024 · 6 minute read

With so much of our lives now conducted online, it is hardly surprising people struggle to remember long lists of complex passwords to keep their personal details secure.

But it seems many of us are not learning the lessons of recent online security breaches, choosing instead to use some of the most common - and easily guessable - codes around.

An annual list of the 25 most common passwords on the internet show that people are still putting their faith in 'password1; and '123456' to keep their online accounts safe.

Microsoft is ¿dynamically banning¿ all weak and commonly used passwords across its services. The tech giant is gathering passwords from compromised accounts to see what combinations are easily cracked in order notify users to choose a stronger and more complex password 

An annual list of the worst passwords released today shows that, despite being told again and again, many of us are still opting for classics such as '123456' and 'password1'. The list, produced by online security app firm SplashData , was compiled from more than two million leaked passwords in the US. Stock image

The findings will no doubt cause online security experts to groan as despite repeated warnings, internet users are still failing to adopt better security when using the web.

The list, produced by online security app firm SplashData, was compiled from more than two million leaked passwords in the US.

RELATED ARTICLES

Share this article

Share 30 shares

According to the US company, choosing a bad password can leave you open to far more than just an inappropriate Facebook post from a prankster.

HOW TO CHOOSE A PASSWORD

Avoid favourite sports. 'Baseball' and 'football' were both in the top 10 worst password list.

Birthdays and years of birth are easy to guess with the help of personal information.

Common names such as Michael and Jennifer are insecure, with many making SplashData's Top 50 list, too.

Experts suggest using eight mixed types of characters, with seemingly random combinations if possible.

They say that passphrases – short words with spaces or other characters separating them – are easy to recall and are relatively secure if seemingly random words are used.

Experts also advise having different passwords for different sites, instead of relying on one, which if hacked, could prove particularly serious.

Choosing easy to guess passwords can lead to accounts being hacked and identities being stolen by cyber thieves.

However, the company also found some people have taken advice to change their passwords, but their new choice still leaves a lot to be desired.

New entrants into the list included a flurry of passwords inspired by 2015's biggest film reelase, Star Wars: The Force Awakens.

These included phrases like 'starwars', 'princess' and 'solo'.

Morgan Slain, CEO of SplashData, said: 'We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers.'

The firm advise that any password using numbers alone should be avoided, especially sequences.  

Even those who try to switch numbers for letters are no longer safe from hackers it would seem.

The 24th most common password on the list was using 'passw0rd' instead of 'password'.

SplashData instead suggests picking passwords that do not use a birthday, nor your favourite sport or team. It also advises avoiding common names such as 'Michael', 'Michelle' and 'Daniel'.

Mr Slain added: 'We hope that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites.'

Choosing easy to guess passwords can lead to accounts being hacked and identities being stolen by cyber thieves. Stock image

Choosing easy to guess passwords can lead to accounts being hacked and identities being stolen by cyber thieves. Stock image

THE WORST PASSWORDS OF 2015 
RankPasswordChange from 2014
1123456No change 
2passwordNo change 
312345678Up 1
4qwertyUp 1
512345Down 2
6123456789No change 
7footballUp 3
81234Down 1
91234567Up 2
10baseballDown 2
11welcomeNew
121234567890New
13abc123Up 1
14111111Up 1
151qaz2wsxNew
16dragonDown 7
17masterUp 2
18monkeyDown 6
19letmeinDown 6
20loginNew
21princessNew
22qwertyuiopNew
23soloNew
24passw0rdNew
25starwarsNew

A recent report by accountancy giant KPMG says passwords are 'one of the weakest links in our security chain' because they are so easy to hack.

The report also warned that people are being forced to use ever more complicated passwords to protect everything from their bank accounts to mobile phones.

The firm is calling for passwords to be replaced with a 'more sophisticated approach', such as using fingerprints or eye recognition, which would come as a relief to millions who suffer from 'password rage'.

A recent, separate report found that a third of people now admit to having grown angry after struggling to remember log-in details. Many said frustration at forgetting passwords caused them to scream, swear and even cry, or bang their head on the table. 

A recent report by accountancy giant KPMG says passwords are ¿one of the weakest links in our security chain¿ because they are so easy to hack. Stock image

A recent report by accountancy giant KPMG says passwords are 'one of the weakest links in our security chain' because they are so easy to hack. Stock image

COULD BLOCKCHAIN BE THE ANSWER TO OUR SECURITY WOES?

The technology behind internet currency Bitcoin could be the solution to the UK's online threat

The technology behind internet currency Bitcoin could be the solution to the UK's online threat

The technology behind internet currency Bitcoin could be the solution to the UK's online security threat. 

In a report published today, the government's chief scientific advisor, Sir Mark Walport, has outlined how switching to a 'distributed ledger' system, such as blockchain system used by cryptocurrency Bitcoin, could provide a much more secure method of transferring records.

Sir Mark said: '[This] technology has the potential to transform the delivery of public and private services. 

'It has the potential to redefine the relationship between government and the citizen in terms of data sharing, transparency and trust and make a leading contribution to the government's digital transformation plan.'

The security lies in the 'distributed' nature of the process. 

Basically, everyone has a copy of the same record. When you carry out a process, be it trading a Bitcoin or accessing a medical record, your copy of the ledger is updated, as is everyone else's copy simultaneously. 

This means that in order for any transaction to take place, all of the ledgers must match up. If you try to fudge the code, your ledger will not match the others. 

This is what makes it more secure.

ncG1vNJzZmivp6x7pa3IpbCmmZmhe6S7ja6iaKuTnrKvr8StnJygX5a%2FtbXCpZxma2Rlg3KDlWh%2Fmq6VYrCprc2gnJ1loJbAtMPOq5tmraOaeqat0qKjsmWXqrK0v4ypn6uZo5rAbrjIpJxmqJGowLi70Z1oZmliaIF2goyMq5qqXYyus7%2BMrZ%2BepZWZeqS7w56qZqqZqLJvtNOmow%3D%3D