10 worst passwords of 2014

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

NEW YORK (PIX11) — Creativity is key when protecting yourself online, but new data points to a stubborn habit of simple, easily hacked passwords.

Digital security firm SplashData analyzed 3.3 million passwords that were leaked last year to compile their fourth annual list — and not much has changed.

Holding strong in the top two spots are “123456” and “password.”

But a few new words popped into the unsavory top 10 list: “baseball,” “dragon,” and “football.

Other passwords appearing for the first time on the list are “696969” and “batman.” The password “iloveyou” fell off the list.

Passwords based on simple patterns — like the first six letters of a standard keyword — are popular because they’re memorable. But users sacrifice vital security when they opt for the easy route.

Stay away from swear words, names and sports, the group warned.

“The bad news from my research is that this year’s most commonly used passwords are pretty consistent with prior years,” online security expert Mark Burnett said.

“The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2 percent of passwords exposed. While still frightening, that’s the lowest percentage of people using the most common passwords I have seen in recent studies.”

Stronger passwords have at least eight characters and mixed characters, like numbers and symbols, according to SplashData.

The group also recommends not using the same username and password combination for multiple websites, and using a password manager to keep passwords in a single, secure place and generate random passwords that are harder for hackers to guess.

The 10 worst passwords of last year were:

  • 123456
  • password
  • 12345
  • 12345678
  • qwerty
  • 123456789
  • 1234
  • baseball
  • dragon
  • football

For the complete list, click here.