Passwords are getting longer, but they’re not getting stronger.
For the first time last year, “1234567890,” “qwertyuiop” (top row of keys on a standard keyboard) and “welcome” landed spots on the list of the year’s most common passwords, according to data from SplashData, a Los Gatos, Calif.-based company that makes password-management applications. These examples are longer than perennial favorites “1234,” “12345″ and “qwerty,” which still rank high despite users knowing better, but they add little complexity.
“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” SplashData chief executive Morgan Slain said in a statement.
Though companies often deal with complex security problems, like software bugs in home routers, lame passwords are still an issue. SplashData compiled data from more than 2 million leaked passwords that were posted online by hackers. Most of the data came from people in North America and Western Europe.
The top passwords of 2015 were also a reflection of the year. Two new entries on the list were “starwars” and “solo.”
Until all passwords are replaced with fingerprint readers, facial or voice recognition, good passwords should include at least 12 characters with combinations of upper- and lower-case letters, numbers and special characters–definitely not “password,” “football” or “abc123,” according to SplashData. Here’s Personal Tech columnist Geoffrey A. Fowler’s tips on using third-party password managers.
