'123456' Named 2014's Worst Password of the Year

MacRumors

macrumors bot
Original poster
Apr 12, 2001
49,686
11,002



Despite the multitude of password management apps that are available, like 1Password and LastPass, many people continue to use easily guessable words and number strings to protect their sensitive information.

One of the most popular passwords in 2014, for example, was "123456," according to a list of leaked 2014 passwords gathered by SplashData (via Re/code). The second most used password was "password," followed by "12345," "12345678," and "qwerty." Both "123456" and "password" have also been popular in past years, ranking as the top two most commonly used passwords in 2013.

Similar number strings were the sixth and seventh most popular 2014 passwords, followed by the words "baseball," "football," and "dragon."

"Passwords based on simple patterns on your keyboard remain popular despite how weak they are," said Morgan Slain, CEO of SplashData. "Any password using numbers alone should be avoided, especially sequences. As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure."
To get its list of the worst passwords in 2014, its fourth annual year of collecting password data, SplashData looked at more than 3.3 million passwords that were leaked across 2014. Passwords came primarily from users in North America and Western Europe.

Based on the data that it gathered, SplashData recommends against using keyboard sequences like "1qaz2wsx" or "qwertyuiop," and it advises users not to use a favorite sport. Baseball and football made the top 10 list of most common passwords, while hockey, soccer, and golfer were in the top 100. Team-based passwords like Yankees, Eagles, Steelers, Rangers, and Lakers also made the top 100 list.

Birthdays and birth years are also not recommended, nor are names, with common monikers like Michael, Jennifer, Thomas, and Jordan listed within the top 50 most commonly used passwords. Swear words, phrases, hobbies, athletes, car brands, and film names were also heavily featured in SplashData's top 100 list.

Using a password management app like SplashID, 1Password, or LastPass is highly recommended, to generate random passwords that are used for a single site and that are more secure than self-generated words, numbers, and phrases.

Widely publicized data leaks across 2013 and 2014 seem to have spurred more people to choose stronger passwords, as the top 25 passwords represented just 2.2 percent of passwords exposed. Along with the well-known iCloud breach, many companies including Home Depot, Target, and Staples saw major data leaks.

Article Link: '123456' Named 2014's Worst Password of the Year
 

Chrjy

macrumors 6502a
May 19, 2010
796
1,150
UK
Really! After all the media attention surrounding hacked accounts etc, people are still using such ridiculous passwords, there's no helping some individuals. :rolleyes:
 
Last edited:

AnsonX10

macrumors member
Apr 20, 2009
69
69
4/20
I haven't seen very many sites since like 2006 that either accepted less than 8 characters, or only numbers.
 

Big-TDI-Guy

macrumors 68030
Jan 11, 2007
2,606
13
The combination is 1...2...3...4...5?

That's the kind of thing an idiot would have on his luggage!

Edit: stiligfox's Schwartz is slightly bigger than mine...
 
Last edited:

thekev

macrumors 604
Aug 5, 2010
6,830
2,351
This actually highlights a problem with the system of using passwords for everything. You want them to be different for security reasons. To be effective they should be as random as possible, and there isn't a consistent set of standards when it comes to password length and allowable characters.
 

Daalseth

macrumors 6502a
Jun 16, 2012
569
236
Time for something new

It's time we abandon the whole password idea. People simply can't remember and won't be bothered to enter anything long enough and random enough to be secure. We need to go to something else. Biometrics is OK but if it's hacked how do you change your fingerprint. We need some other way to assure that whoever is trying to access systems are in fact the people who should be accessing them.

The password concept is obsolete.
 

mattopotamus

macrumors G5
Jun 12, 2012
13,776
4,274
I always memorize the serial numbers from my household products and combine them into a massive password.

It has letters, numbers, capital letters..
 

mattopotamus

macrumors G5
Jun 12, 2012
13,776
4,274
It's time we abandon the whole password idea. People simply can't remember and won't be bothered to enter anything long enough and random enough to be secure. We need to go to something else. Biometrics is OK but if it's hacked how do you change your fingerprint. We need some other way to assure that whoever is trying to access systems are in fact the people who should be accessing them.

The password concept is obsolete.
42 characters here
 

jclo

Editor
Staff member
Dec 7, 2012
1,655
3,328
California

chrmjenkins

macrumors 603
Oct 29, 2007
5,322
154
CA
It's time we abandon the whole password idea. People simply can't remember and won't be bothered to enter anything long enough and random enough to be secure. We need to go to something else. Biometrics is OK but if it's hacked how do you change your fingerprint. We need some other way to assure that whoever is trying to access systems are in fact the people who should be accessing them.

The password concept is obsolete.
I'd prefer spoken passcodes. I find a sequence of squirrel barks coupled with a light warbling clears the sinuses and establishes boundaries for prying eyes in public venues.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.