A Brief History of the Password Problem, Part 1: Worst Passwords of 2011

TeamsID was developed by SplashData. We've been passionate about solving password management and security problems since all the way back to 2000.

To help explain the nature of the password problem faced by businesses, it's helpful to look at the most common passwords employees choose, and how these have (or have not) changed over time.

You may have heard about SplashData's "Worst Passwords" lists. These are extensively researched lists of the most common passwords found on the Internet. The list has become widely reported each year, with coverage on mainstream TV, radio, and newspapers as well as tech-related websites.

So without further ado, let's start at the beginning, with SplashData's first annual list. Here are the Worst Passwords of 2011:

When "Most Popular" Isn't A Good Thing: Worst Passwords of the Year - And How to Fix Them

SplashData Reveals Its '25 Worst Passwords of the Year' List For 2011, With 'Password' (Yes, That's Right) and '123456' Topping the List

If you're one of those people who thought it was clever to use "password" as your password, it's time to wisen up and make a change. Switching the "o" to a zero to make it "passw0rd"? Not much better. Both are on the list of the 25 most common passwords used on the Internet this year, according to SplashData, a well-known provider of password management applications.

Other common passwords include simple numerical choices like "123456," common names like "ashley" and "michael," and patterns based on the layout of the keyboard like "qwerty" and "qazwsx." There are also some minor mysteries, like the unusual popularity of "monkey" and "shadow." With an increasing number of sites requiring more complex passwords, some letter and number combinations like "abc123" and "trustno1" are being used more often.

In an effort to encourage adoption of stronger passwords, SplashData, a leading provider of password software for more than 10 years, today released its "25 Worst Passwords of the Year" list for 2011. According to SplashData, the most common passwords on the web are:

    • password

    • 123456

    • 12345678

    • qwerty

    • abc123

    • monkey

    • 1234567

    • letmein

    • trustno1

    • dragon

    • baseball

    • 111111

    • iloveyou

    • master

    • sunshine

    • ashley

    • bailey

    • passw0rd

    • shadow

    • 123123

    • 654321

    • superman

    • qazwsx

    • michael

    • football

SplashData's top 25 list was compiled from files containing millions of stolen passwords posted online by hackers, according to CEO Morgan Slain. He advised that if consumers or businesses are using any of the passwords in the list, their passwords should be changed immediately.

"Hackers," Slain said, "can easily break into many accounts just by repeatedly trying common passwords. Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft," Slain said. "What you don't want is a password that is easily guessable. If you have a password that is short or common or a word in the dictionary, it's like leaving your door open for identity thieves."

Even though thieves have more sophisticated hacking tools at their disposal today than ever before, they still tend to prefer easy targets, Slain said. "Just a little bit more sophistication in choosing passwords will go a long way toward making you safer online."

SplashData suggests making passwords more secure with these tips:

    • Use passwords of eight characters or more with mixed types of characters. One way to create longer, more secure passwords that are easy to remember is to use short words with spaces or other characters separating them. For example, "eat cake at 8!" or "car_park_city?"

    • Avoid using the same username/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online email, social networking, and financial services. Use different passwords for each new website or service you sign up for.

    • Having trouble remembering all those different passwords? Try using a password manager application that organizes and protects passwords and can automatically log you into websites. There are numerous applications available, but choose one with a strong track record of reliability and security likeSplashID Safe, which has a 10 year history and over 1 million users. SplashID Safe has versions available for Windows and Mac as well as smartphones and tablet devices.

"It's easy to start making your passwords better," Slain said. "Start now; make it a resolution to keep it up and your whole life online will safer and more secure in 2012."

About SplashData, Inc.

SplashData has been a leading developer of productivity and security applications for over 10 years. The company's applications and services have millions of users worldwide and include SplashID Safe, SplashMoney, SplashShopper,SplashTravel, SplashNotes, File Magic, Flight Tracker, Birthdays, and Holiday. SplashData's applications are available at www.splashdata.com and on major smartphone app stores, including Apple's iTunes App Store, Android Market, and BlackBerry App World. SplashData was founded in 2000 and is based in Los Gatos, CA.

Get started for FREE