Security firm reports list of worst password used in 2014, and to avoid in 2015

Every year SplashData releases a chart of weakest passwords used by internet users on various web services. The intent is to remind users to use strong password for their own safety and security on the web. The firm has just posted its chart of worst passwords in the year 2014, and the worst password of the year is as guessable as you would think.

According to the online security firm’s latest report, ‘123456’ is the worst password of 2014. Other similar passwords that scored in the top 10 list of weakest password of the year include ‘1234’, ‘12345’, ‘12345678’, and ‘123456789’.

SplashData created the list of weakest passwords of the year based on a list of 3.3 million passwords that were leaked last year. The firm ranked through those leaked passwords and created the list of worst passwords used by the people on the web last year.

Non-numerical passwords that made it to the list are just as worst, with the top being ‘password’, ‘qwerty’, ‘baseball’, and ‘dragon’. These are based on analysis on the leaked passwords in North America and western Europe.

Chief Executive of SplashData Morgan Slain said that passwords based on simple patterns on your keyboard remains popular despite how weak they are. He advises against using numerical passwords that are especially in a sequence. These types of passwords are easy to guess and are more likely to be cracked.

The problem becomes even deeper when the same password is used on multiple websites. That way, if a sophisticated attacker succeeds in cracking the password of someone, they can access all the online accounts where that password was used. That is why it’s a good practice to use different passwords in different online accounts.