What Do The Worst Passwords of 2015 Say About Us?

What Do The Worst Passwords of 2015 Say About Us?

Posted on

weak passwordIn the 2015 edition of its annual worst passwords list, password management company SplashData revealed the 25 most common (and most easily compromised) passwords for the year. Based on an analysis of more than 2 million passwords revealed through searches of publicly available plain text data dumps, the report found that the Internet public is still clinging to its bad password habits.

Same Story, Same Verse

One of the surest signs that the message isn’t getting out is the continued presence of “123456” as the number one most common password, a position it has held since 2011. Indeed, even despite the fact that useful tools like password management software help mitigate the risk of relying on weak passwords, Internet users continue to rely on incredibly obvious choices. Chances are that your employees' bad password habits are no different.

Internet denizens have taken at least some best password practices to heart, as they’ve clearly heard the message that longer passwords are safer. Unfortunately, it seems that most users have misunderstood the lesson, as the most common method to “fix” weak passwords is simply appending additional digits at the end of the pattern, explaining the spot held by “1234567890” at number 12 on the list.

Signs of Hope

Fortunately, the report isn’t all bad news. The good news is that only 3 percent of users in the data sample were using one of the top 25 worst passwords, which is down from 4 percent in SplashData’s reports from previous years.

Still, the rampant use of extremely obvious passwords shows that we still face a pressing need to push the spread of alternatives to using bad passwords. The lesson that Internet security is itself important seems not to have taken hold, even despite the mounting numbers of headlines about yet another data breach.

Ultimately, the takeaway seems to be that, while Internet users are aware that their passwords play an important role in their own online security, they still don’t grasp how to do so effectively. And really, who can blame them? In a world where the best security advice is that you’re supposed to remember dozens of separate (and complex) passwords, is it any surprise that so many choose to rely on one or two very simple passwords instead?

It seems that the best solution remains the use of password management software, and that we should move away from password-based authentication entirely, whenever possible.

Contact Garland Heart today to learn more about how your organization can increase its password security compliance and boost the effectiveness of your risk management solutions.
New Call-to-action