The SplashData list of worst passwords of 2014 was just published, and it looks very similar to the list in 2013, 2012, 2011, etc.:
Rank | Password | Change from 2013 |
1 | 123456 | No Change |
2 | password | No Change |
3 | 12345 | Up 17 |
4 | 12345678 | Down 1 |
5 | qwerty | Down 1 |
6 | 123456789 | No Change |
7 | 1234 | Up 9 |
8 | baseball | New |
9 | dragon | New |
10 | football | New |
11 | 1234567 | Down 4 |
12 | monkey | Up 5 |
13 | letmein | Up 1 |
14 | abc123 | Down 9 |
15 | 111111 | Down 8 |
16 | mustang | New |
17 | access | New |
18 | shadow | Unchanged |
19 | master | New |
20 | michael | New |
21 | superman | New |
22 | 696969 | New |
23 | 123123 | Down 12 |
24 | batman | New |
25 | trustno1 | Down 1 |
Sadly, I could have written this same post and used nearly the same list in 2010– in fact, I did: http://www.securityprivacyandthelaw.com/2010/01/is-your-password-still-123456-if-so-its-time-for-a-change/. Not everyone can start exercising, lose weight, save more money or get a new job as a resolution for 2015, but you can change your password, usually in less than 60 seconds, and toughen it up a bit.
Pingback: Update on President Obama’s “Summit on Cybersecurity and Consumer Protection,” Part III: Five Key Lessons for Business | Security, Privacy and the Law