Every year SplashData unveils its list of the worst passwords, proving that people don’t listen to advice and that 2017 was the year of Star Wars.
The company generates its list using data from over five million passwords leaked by hackers over the past year. The list is particularly pertinent due to recent data breaches, including the massive cybersecurity breach at Equifax, which impacted 100,000 Canadians.
Despite a large number of cyber attacks, people continue to be lazy when it comes to their personal passwords. Over the last four years, the top two passwords have remained the same: “123456” and “password.” Variations of these passwords account for six others on the list.
SplashData believes approximately 10 percent of people have used at least one of the 25 worst passwords on the 2017 list, reports Fortune. About 3 percent used the top offender, “123456.” SplashData warns that “use of any of the passwords on this list put users at grave risk for identity theft.”
New passwords that made the list this year include “starwars,” “freedom,” “monkey,” “letmein,” “iloveyou” and “hello.” Obviously, many people aren’t very creative when it comes to protecting their personal information.
“Unfortunately, while the newest episode may be a fantastic addition to the Star Wars franchise, ‘starwars’ is a dangerous password to use,” said SplashData CEO Morgan Slain. “Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words.”
There are much better password alternatives that will make it more difficult for hackers to gain access to other people’s accounts. SplashData and other firms advise using 12 characters or more with a mix of upper and lower-case letters. In addition, people should avoid using the same password for various accounts. If you have difficulty remembering all your log-in information, considering using a password manager.
Below are the top 25 passwords on the 2017 list:
See SplashData’s complete list here.