The number combination “123456” replaces the only slightly more obvious “Password” at the top of the “Worst Passwords” list compiled annually by password security company SplashData. The list of 25 is compiled from millions of stolen passwords posted online during the previous year.
In a release introducing this year’s list, the company explains:
“For the first time since SplashData began compiling its annual list, “password” has lost its title as the most common and therefore Worst Password, and two-time runner-up “123456” took the dubious honor.”
SplashData speculates the change in position may have been influenced by the large number of passwords belonging to Abobe users posted online when the company was hacked in October. Early estimates suggested the information of nearly 3 million customers had been affected.
Still, the list would seem to include numerous fairly easy to guess passwords like “111111,” “admin” and even “123123” finishing in the top 25.
It’s recommended that when choosing a password you select one with eight characters or more containing mixed characters (numbers and letters if possible.) It’s also important to avoid using the same passwords, no matter how secure, for multiple accounts.
Avoid passwords with common substitutions of numbers for letters to spell familiar words or phrases. One example suggested in the SplashData press release would be “dr4mat1c” which substitutes the numbers 4 and 1 for the letters “a” and “i.”
If totally random word and number combinations are too difficult to remember, try a short phrase of unrelated words separated by spaces or dashes. One example suggested in the SplashData release is “smiles_light_skip?”. The phrase includes words that might be easier to remember without writing down but would be hard to guess since they are not related and are separated by random dash symbols.
Here’s the full list of the top 25 “Worst Passwords” for 2013. Obviously, SplashData is recommending if you are using any of these passwords for your business accounts you change them immediately: