The Worst Passwords of 2014 | Cannon Group | Your trusted experts in telecom management.
Tablet Sales to Grow in 2015
January 16, 2015
4 Cloud Computing Tips for Business
January 27, 2015

The Worst Passwords of 2014

The Worst Passwords of 2014

Using These Simple, Easy-to-Guess Passwords Can Leave You Vulnerable to Cyberattacks

January 23, 2015

Recognize any passwords on this list?

Worst Passwords of 2014 SplashData

Research pinpoints these as the most common, simplest and thus weakest passwords of 2014.*

They’re everything a password shouldn’t be: minimal, straightforward and painfully easy to guess – especially considering that experts predict immense growth in cyberattacks and hacking as technology continues to advance (see What to Expect for Enterprise Infrastructure in 2015).

It’s time for a password revolution.


Choosing a Strong Password

These lists are based on more than 3.3 million leaked passwords from users in North America and Western Europe. Here are some tips for optimizing your password strength.

Avoid simple patterns.

According to SplashData, the company behind these lists, passwords based on simple keyboard patterns (think: “qwertyuiop” or “123456”) are incredibly weak and yet remain popular among users who have been hacked. This holds true no matter how long they are (think: “qwertyuiopasdfghjkl” which is the first two rows of letters on a keyboard) – if they follow an obvious keyboard sequence, they aren’t secure.

Change passwords every 6 months.

It’s important to note that since 2011, “123456” and “password” have held their respective spots as the top two weakest passwords. Consistent changes to your password (though not at a rate that would eventually confuse you) can ensure security, even if the unthinkable occurs and your old password is leaked. If it’s hard for you to remember changing your passwords, consider using a password manager to help.

Switch up passwords for different sites.

No matter how strong your password is, using the same one across multiple sites could spell disaster in the event of a cyberattack.

Use two-factor authentication when possible.

Two-factor authentication requires users to not only log in using a password, but also to complete an additional verification step. For example, after entering the correct password, you may also have to enter a 4-digit code sent to your mobile phone.

True, this might seem like a hassle, but it’s worth the extra couple seconds – especially if sensitive information is on the line (see Don’t Overlook Enterprise Security).

Be smart about using names.

It turns out that names like “michael,” “jennifer,” “thomas,” “jordan,” “hunter,” “michelle,” “charlie,” “andrew,” and “daniel” are all in the top 50 most common names; and thus, make weak passwords.

While it might be a no-brainer to use your child’s (or pet’s) name… Experts maintain that if you’re going to do it, make sure you fortify it with good password techniques (below).

Other helpful tips:

  • DO make sure your passwords are at least 8 characters long.
  • DO use password phrases that have a mix of uppercase letters, lowercase letters, numbers and symbols.
  • DON’T rely on a common phrase to ensure optimal security (e.g. “trustno1”).
  • DON’T simply use curse words, sports or hobbies (other common passwords include favorite teams, film names, car brands and famous athletes).
  • DON’T use your birthday or birth year as your password.

Subscribe to our blog

Sign up to receive a monthly rundown of our blog posts!

S U B S C R I B E !

* 25 most commonly used and worst passwords of 2014, NetworkWorld. Network World, Inc.