From Yahoo’s bombshell announcement of a data breach that affected millions, to the recent WannaCry and BadRabbit ransomware attacks, 2017 has brought several major cybersecurity disasters.
But, despite the incessant warnings from security researchers, many people are still turning to weak, easily guessable passwords to protect their devices.
SplashData has revealed its list of the worst passwords of 2017, using data from more than 5 million passwords leaked this year.
The list includes several seen in previous years – and, once again, ‘123456’ and ‘password’ top the list.
TOP TEN WORST PASSWORDS OF 2017
1) 123456 (rank unchanged since 2016 list)
2) password (unchanged)
3) 12345678 (up 1)
4) qwerty (Up 2)
5) 12345 (Down 2)
6) 123456789 (New)
7) letmein (New)
8) 1234567 (Unchanged)
9) football (Down 4)
10) iloveyou (New)
The list features several ineffective passwords that have, for some reason, long maintained their hold among internet users.
This includes ‘qwerty,’ in fourth place, ‘admin,’ in 11th, and ‘login’, in 14th.
And, this year, Star Wars found its way onto the list as well, with ‘starwars’ claiming the 16th spot.
“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwise’ is a dangerous password to use,” said Morgan Slain, CEO of SplashData, Inc.
“Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”
There are several themes across the Worst Passwords list, including first names and hobbies.
“Jordan, harley, robert, matthew, daniel, andrew, andrea, and joshua all made it on the list – along with football and lakers.”
Several car names were among the top 50, from ‘ferrari’ to ‘mercedes’.
And, ‘trustno1’ proved, perhaps unsurprisingly, to be among the worst passwords as well, taking up spot number 25.
The experts warn that adding a number or symbol to a common word is also an ineffective trick.
“Hackers know your tricks, and merely tweaking an easily guessable password does not make it secure,” said Slain. “Our hope is that the Worst Passwords of the Year list will cause people to take steps to protect themselves online.”
A new report released just last week confirmed that many of us are still using the the word ‘password’ to access our accounts.
And, men are 2.8 times more likely to use this obvious phrase than women.
The report also found that nearly a quarter of people use the same password for every site they are signed up to.
The study, conducted by Houston-based IT consultancy firm EPC Group, found a large number of people still have bad habits when it comes to staying safe online.
EPC Group spoke about their top tips to password management to keep your information secure when online.
The reason changing a password frequently does not help is because when most people change their password they make minor tweaks such as replacing the number 1 with a number 2.
These small changes are called ‘transformations’ and hackers are very aware of them and build them into their scripts.
The new advice is to use long but easy-to-remember ‘passphrases’, that do not need to feature special characters or numbers
TOP FIVE TIPS TO CREATING A SAFE PASSWORD
1. Use strong, varied passwords for different accounts.
2. Don’t use passwords that include personal information or could be easily guessed.
3. Use two-factor authentication whenever possible.
4. Make sure your computer and anti-virus software is up to date and regularly scan your computer for spyware.
5. Watch for any suspicious activity on your accounts and never click on a link that looks untrustworthy.