Worst passwords of 2014

Password management firm SplashData has released its annual list of the worst passwords of the year and yes it is as bad as you’d think.

SplashData has analysed the 3 million passwords that were leaked online last year and have revealed that the most common password in 2014 was “123456” which took the top spot in 2013 too, followed by “password” another none mover from 2013 and in third “12345”.

Obviously, the more common a password the easier it is for people to hack into your personal accounts, such as email or social networks.

Here are the top 25 most common passwords of 2014:

1. 123456 (Unchanged from 2013) 
2. password (Unchanged) 
3. 12345 (Up 17) 
4. 12345678 (Down 1) 
5. qwerty (Down 1) 
6. 234567890 (Unchanged) 
7. 1234 (Up 9) 
8. baseball (New) 
9. dragon (New) 
10. football (New) 
11. 1234567 (Down 4) 
12. monkey (Up 5) 
13. letmein (Up 1) 
14. abc123 (Down 9) 
15. 111111 (Down 8) 
16. mustang (New) 
17. access (New) 
18. shadow (Unchanged) 
19. master (New) 
20. michael (New) 
21. superman (New) 
22. 696969 (New) 
23. 123123 (Down 12) 
24. batman (New) 
25. trustno1 (Down 1)

The list may seem unbelievable considering all the major hacking attacks that occurred and were highly publicised last year but a huge number of people still fail to protect their personal accounts with decent passwords.

As always this year’s passwords are unbelievably weak but even the cleverer password strategies like using capital letters, replacing numbers with letters or using symbols are now considered old tricks.

So what is a strong password?

Here are 6 tips to create stronger passwords and stay safe online:

1. We would strongly recommend you pick different passwords for all of your accounts
2. Avoid words with personal information like birthdays, favourite teams or colours.
3. Include numbers and symbols throughout your passwords, not just at the end.
4. Passwords should be 14 characters long.
5. Use word combinations that aren’t related at all (for example, “tabledogcarmoon”)
6. Companies like Facebook and Apple are now making it more difficult for hackers to access your accounts by offering two-factor authentication, which is basically a double lock. Each time you log into the account, you will be sent a code to your phone which changes after each login attempt. This means hackers would need access to your smartphone to get the code.