‘starwars’ debuts on list of 2015’s worst passwords

Igor Bonifacic

January 19, 2016 11:12am

Despite the fact the World Wide Web has been around for more than 25 years at this point, most people are still using the same collection of unoriginal passwords. According to SplashData, a software developer that maintains its own password manager, and its fifth annual look at the Internet’s worst passwords, “123456” and “password” remain the two most popular passwords in use on the Web.

Rounding out the top five are similarly easy-to-guess crypts like “12345678,” “qwerty” and “12345”. To compile its list, SplashData looked at the two million passwords that were leaked in 2015. New to the annual report are a bevy of Star Wars-related passphrases like “starwars,” “princess” and “solo”.

If there’s an upside to this story, it’s that text passwords will likely soon be a thing of the past. According to a survey of 308 Internet security experts conducted in 2015 by SecureAuth, a company that develops two-factor authentication software, 91 percent of respondents believe text passwords will be phased out over the next 10 years.

We’re already seeing companies like Google make an effort to eliminate the password. The search giant recently unveiled a smartphone-based two-factor authentication system, while closer to home, Nymi, a biometrics wearable startup based in Toronto, wants to use people’s heart beats to log in to devices in the future.

In the meantime, with an abundance of well-designed password managers — including ones like Canadian-made 1Password and Dashlane, which just last week was the recipient of a major update — it has never been easier to avoid making an easy-to-guess password in the first place.

Check out the full list below.

312345678Up 1
4qwertyUp 1
512345Down 2
7footballUp 3
81234Down 1
91234567Up 2
10baseballDown 2
13abc123Up 1
14111111Up 1
16dragonDown 7
17masterUp 2
18monkeyDown 6
19letmeinDown 6
  • Frederick The Great

    And people wonder why their email and other information gets hacked. It’s not so much about whether you’re using Android, iOS, BB10, Windows etc. It’s about using some common sense when choosing a password that is hard to guess and far too many people clearly don’t take care enough.