Online security firm releases 25 worst passwords of 2013 list

US- based online security firm SplashData, which makes password management applications, has released its 2013 list of the 25 worst passwords.

January 20, 2014

The company advises consumers or businesses using any of the passwords on the list to change them immediately.

In a press release issued by the online security company, the list was compiled from files containing millions of stolen passwords posted online during the previous year, particularly the large number of passwords from Adobe users posted online by security consulting firm Stricture Consulting Group following Adobe's well publicized security breach.

For the first time since SplashData began compiling its annual list, "password" has lost its title as the most common and therefore Worst Password, and two-time runner-up "123456″ took the dubious honor. "Password" fell to #2.

The company advises consumers or businesses using any of the passwords on the list to change them immediately.

Here's the full list:

123456

password

12345678

qwerty

abc123

123456789

111111

1234567

iloveyou

adobe123

123123

admin

1234567890

letmein

photoshop

1234

monkey

shadow

sunshine

12345

password1

princess

azerty

trustno1

000000

Commenting on this year's list, Morgan Slain, CEO of SplashData said: "Seeing passwords like 'adobe123′ and 'photoshop' on this list offers a good reminder not to base your password on the name of the website or application you are accessing."

SplashData suggests tips for secure passwords:

Use passwords of eight characters or more with mixed types of characters. But even passwords with common substitutions like "dr4mat1c" can be vulnerable to attackers' increasingly sophisticated technology, and random combinations like "j%7K&yPx$" can be difficult to remember. One way to create more secure passwords that are easy to recall is to use passphrases -- short words with spaces or other characters separating them. It's best to use random words rather than common phrases. For example, "cakes years birthday" or "smiles_light_skip?"

Avoid using the same username/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online email, social networking, or financial service sites. Use different passwords for each new website or service you sign up for.

ZAWYA NEWSLETTERS

RELATED ARTICLES

ZAWYA NEWSLETTERS

LATEST VIDEO