People Are Still Bad On Generating Passwords, Report Reveals

According to a new study, people have still not learned their lessons on password etiquettes. SplashData revealed the list of the worst passwords to show how bad Internet users' choice for passwords are and how they continue to expose theirselves from risk.

Based on the 2015 "Worst Password List" released by SplashData, a security app and service provider, "123456" and "password" are its top two contingents. Worse, this has been the top two options since the company started its statistics in 2011. Collected data came from over 2 million leaked passwords during the year.

Finishing off the top 5 includes "12345678," "qwerty" and "12345." Meanwhile, blockbuster hit Star Wars seems to have made an impact on the choice of passwords, sporting three passwords based on the movie, namely, "princess," "solo" and "starwars."

On the other hand, some people did exert some efforts in securing their accounts by adding characters to make it seem lengthy and complicated, for example, "1qaz2wsx" (these are the first two columns of the keyboard), "qwertyuiop" (the first row of the keyboard) and "1234567890", apparently, all of which appeared in the top 25 list. However, if these are only based on simple patterns, these still give people the same risk for online hacking, according to Morgan Slain, SplashData CEO.

Also, sports is the most usual password theme, listing "football" and "baseball" at the seventh and tenth spots, respectively. "As we see on the list, using common sport and pop culture terms is also a bad idea," he added. Perhaps users have also grown tired of some passwords like "passw0rd," "welcome" and "login," which were all included last year but not anymore in 2015.

The company, on the contrary, provided some tips to boost a user's password. It suggested the use of password managers or random password generator such as LastPass and Dashlane, and refrain from using similar passwords on different sites.

Fortunately, some companies are improving its security measures without the dilemma of deciphering what your forgotten password was. Yahoo launched its Account Key that allows access without passwords, while Google is also allegedly rolling out a new log-in system to ditch those lengthy passwords.