Worst Password List “123456” Replaces “Password”

The word “password” is finally dethroned as the world’s worst password. At least, according to SplashData’s annual “Worst Passwords” list. The list includes the 25 most common passwords used on the Internet. This year represents the first time since the list began that the word “Password” wasn’t the undisputed leader. Falling to second place, “password” was finally replaced by the two-time runner-up of “123456”.

Why does this list matter to business owners? The truth is that business owners and employees often underestimate the risks they put themselves and their businesses under when choosing simplistic passwords that are easy to guess. Understanding what makes passwords on this list so bad helps businesses create effective passwords that protect their data and their interests.

Worst Passwords List Rankings

The top ten list contains many of the same keywords that topped the list last year with two exceptions. One was “adobe123″ and the other was “123456789,” which came in at the number 10 and number six spot, respectively. The addition of adobe123 to the list indicates that many people are using the program they’re logging into with a combination of sequential numbers, which is also simple for would be hackers to guess.

Other words and phrases to make the top 25 list include “qwerty,” “iloveyou,” “monkey,” “admin,” “shadow,” “sunshine,” “princess,” “letmein,” “password1,” “photoshop,” “princess,” and “azerty.”

The problem with passwords such as these as that they are easy to guess by people on the outside who intend to harm your business or steal information from your business that may affect the people who work for you and those who do business with you.

Password Protection Best Practices

Businesses should consider training employees about password protection best practices, including proper password safety, password management, and the importance of changing passwords frequently in order to keep things fresh. Also, employees should avoid recycling old passwords or using passwords for work computers they use on their personal computers and devices at home.

Proper passwords should be eight or more characters in length and contain a mixture of numbers and letters whenever possible, according to Small Biz Trends. Businesses and employees should never use the same number for multiple accounts no matter how secure they believe the password is.

There have been many major security breaches making headlines over the past year. Part of the reason these breaches are possible is due to the fact that employees are choosing passwords that are far too easy for hackers to capitalize on. Consider song titles and substitute numbers for letters when possible. For instance, “More than a Feeling” becomes “M0r3thanaF33ling”. It’s a simple change, substituting the number 3 for the letter e and the number 0 for the letter o. Eliminate the spaces but keep the appropriate capital letters for an added degree of difficulty for hackers.

The bottom line is that hackers have access to the same top 25 list. You can bet they’ll try these passwords first.  Make sure your employees give them a much bigger run for their money by creating password policies for your employees. More importantly, protect your business interests in case a data breach does take place by investing in cyber liability insurance today.