In perhaps the least shocking news you will hear all day, “password” is really not a great authentication secret for online accounts. Unfortunately, not enough people seem to realize this: yet again, it topped the list of most popular passwords according to SplashData, which analyzed results from some of the highest-profile security breaches of 2012. Here’s the top 5:
1) password (#1 in 2011 as well)
2) 123456
3) 12345678
4) abc123
5) qwerty
No real surprises there. The next 5 are a bit more curious:
6) monkey
7) letmein
8) dragon
9) 111111
10) baseball
OK, so “111111” is easy to type, “baseball” is the national pastime, and “letmein”, well, that’s what you’re trying to do when you enter a password. I get all of that, but “monkey”? Really? Maybe it’s best I don’t know…
Another interesting one came in at #12: “trustno1”. That sounds like pretty good advice on one level, but apparently the paranoia has spread far enough that a significant number of people now choose it as their authenticator.
Once again, I think this makes the case for single sign-on tools that automatically generate and manage strong, random passwords, so you don’t have to break out the yellow sticky pads and post your secrets around the edge of your monitor…