This list is the 2015 version of the group’s annual compilation of poor password hygiene. The report is based on more than 2 million passwords leaked throughout the year.
While the top five worst passwords hardly shifted in their positions, there are new and (slightly) longer additions to the list. The longer passwords are still ridiculously easy to guess and are most likely a result of Web sites attempting to prod users into creating more secure credentials.
“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns, they will put you in just as much risk of having your identity stolen by hackers,???. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.
Here’s the list, with changes accounted for 2014. Hopefully none of these are in use in your organization today:
Rank Password Change from 2014