Email Marketing worst-passwords

Published on December 12th, 2011 | by Brendan Hill

25

Good Password = Good Idea

This time of year, with all the online shopping, shipping, and marketing to be done, you might find yourself signing up for many different web-based products and services (like VerticalResponse maybe?). While it’s tempting to rush through these signup processes to place your order faster or start using the product quicker, you want to use a strong password (or passwords) to keep your information secure.

We bring this up because SplashData, a password management application provider, unveiled its “25 Worst Passwords of the Year” for 2011, which was also featured by online news sages Mashable.

SplashData compiled their list “from files containing millions of stolen passwords posted online by hackers” and stated that “Hackers can easily break into many accounts just by repeatedly trying common passwords…“. So when they say “worst,” they basically mean the most common, and therefore the most easily stolen.

Here’s the list:

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkey
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  11. baseball
  12. 111111
  13. iloveyou
  14. master
  15. sunshine
  16. ashley
  17. bailey
  18. passw0rd
  19. shadow
  20. 123123
  21. 654321
  22. superman
  23. qazwsx
  24. michael
  25. football

I’m a little disappointed not to see “opensesame” on this list. Wait, I’ve said too much…

Anyway, SplashData also provided some helpful dos and don’ts for creating stronger, more secure passwords:

  • Do: make your passwords at least eight characters
  • Do: use a variety of letters (capital and lowercase), numbers, or special characters (#, $, *, etc…) when possible.
  • Don’t: use the same username/password combination on multiple sites. Microsoft agrees.

If you feel like you won’t be able to remember lots of different logins, you can either write them down somewhere safe, or use an online password manager to help you keep track.Hopefully this post is just a friendly refresher course on password security. But, if your password does happen to be “password,” go ahead and change it; we won’t tell anybody.

© 2011 – 2012, VerticalResponse Blog. All rights reserved. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited.

Tags: , , , , , ,


About the Author

Brendan Hill

is a contributing author for VerticalResponse.



25 Responses to Good Password = Good Idea

  1. Atomic Shrimp says:

    If you use a procedure to generate your passwords (as Devon suggests), if one of them falls into the wrong hands, the others are automatically at risk.
    For example, if I was in the business of hijacking accounts, and I learned that your Twitter password was 1:mnij:twt, I’d be straight off to eBay to try 1:mnij:eby, to Hotmail to try 1:mnij:html, etc.

  2. Devon says:

    key to a great password you can easily remember:
    1. come up with a phrase of 3-5 words; “My Name Is Joe”.
    2. make your phrase an acronym; “mnij”.
    3. add atleast one number and one symbol to the beginning; “1:mnij”.
    4. add another symbol to the end followed by an abbreviation to the site you are making the password for; “1:mnij:fb” (for facebook) or; “1:mnij:twt” (for twitter).
    5. enjoy you easy to remember password that is damn near impossible for anyone to figure out

  3. Nicky says:

    Great article. I notice that common passwords are quickly spammed. Its good to know this list and need to make sure our passwords are different everytime.
    Using a special password tool is the best to use.

  4. It would be impossible for me to remember a different password for every single service and site I use.

  5. No_Hazmats says:

    I see ‘Orun’ beat me to it, but it’s worth repeating. People tend to over do things to their own detriment.
    http://xkcd.com/936/

  6. Ardham Grace says:

    This is too funny. GUILTY on about 4 on that list! Ugh.

  7. I am always suprised at the number of people I visit whos password is just that “password” I even had one elderly gentleman who told me he used it for his online banking!!!

  8. Marcotur says:

    do you also have the list of the UserId with 123456?

  9. sajid says:

    no my password isn’t qwerty ;)

  10. Lyndi says:

    I used a tool called KeePhrase, it makes passwords out of classic literature. Easy to remember: http://keephrase.com/

  11. Is 12345 the same as 123456?

  12. AIM Soiree says:

    I’m in all sorts of trouble!
    Regards,
    Ashley Michael Bailey

  13. Richard says:

    A good idea to form a password is the use of a long phrase using the initial letters. Eg;
    I am single my income is $60K and work @ IT = Iasmii$6Kaw@IT. You won’t forget it and is secure. A generator has the inconvenience of not remembering it.

  14. HoddTaley says:

    Good Password = not using one of the 25 passwords on this website.
    Good Password = not giving a hacker a list of 25 possible passwords.
    Good Password = something that is unique to you and doesn’t come from a list generated from a website.
    Good Password = one you don’t share in the comments section of a website b/c you see that it is on the list above.

  15. I keep all mine slightly different so cracking one doesn’t mean they are all cracked, but it is easier to remember

  16. roadie rob says:

    THEORY: “multiple passwords” is a plot conceived by your bank. It keeps them safer (at least as far as legal obligations) but not you because now you have to record all your passwords somewhere. Which is at least as big a security hole as having one good pw.

  17. b says:

    i didn’t think many people besides me used monkey as a password…haha weird

  18. David says:

    I think it’s funny that “ashley” is so high on the list. What does that say about people named Ashley?

  19. anon says:

    passwords are so old hat, no passphrases however…

  20. John Snidermen says:

    Or you can do what I do. Don’t put anything valuable on the internet. Then you dont have to worry about getting your password stolen.

  21. Diego Melham says:

    a cool way to make a seemingly complex password is to shift one key to the left (or right) of each letter of a word you are sure to remember, for example –> sunday –>[shift right]–>dimfsu … taa daa

  22. RE: hard for humans to remember, and easy for computers to guess
    And that’s why you make passwords that are easy for humans, but difficult for computers. Length is the only way to do that, complexity be damned.
    1like2ridemybike@CentralParkinBudapest
    is much better than
    Ae8&^l
    The first password would take roughly 1.3 x 10^41 days for a single computer to crack. Essentially, never. The second, and much more difficult password to REMEMBER will take about half a MINUTE to crack.
    o_0

  23. Orun says:

    “Through 20 years of effort, we’ve successfully trained humans to create passwords that are hard for humans to remember, and easy for computers to guess”xkcd
    http://xkcd.com/936/

  24. RoboForm try out the free version, then go pro. All passwords generated and locked in under one password. Back up regularly for safe keeping.

  25. That’s why i use password generator!

Back to Top ↑