Security threats may become more complex and sophisticated, but our password choices don't follow the same pattern.
Security software developer Splashdata has released its annual list of the worst -- and most common -- passwords used on the web in 2012. Worryingly, very little has changed from 2011, where "password", "123456" and "12345678" are still in the top spots -- although Trustwave placed "Password1" in the top three slots last year, whereas it's a new addition in Splashdata's version.
In addition, several new arrivals in the top 25 awful passwords are "jesus", "welcome", "mustang", and sadly "ninja".
According to PC World, the data is based on file dumps from online hacking campaigns, which include high-profile security breaches suffered at Yahoo, LinkedIn, eHarmony, and Last.fm.
Here is the complete list, including places going up or down:
In comparison, an analysis of the Yahoo hack from earlier this year found that the top ten common passwords were:
According to research from Norton, nearly half of Internet users do not use a complex password and over 25 percent of adults online have been notified to change their password when an account has been compromised. In addition, 46 percent of users aged between 18 and 64 don’t use a password that combines phrases, letters, numbers, symbols and caps or lowercase -- which are more difficult to infiltrate.
The simple fact of the matter is that if you choose a password which follows a simple pattern or is an obvious word, not only will it be easy for you to remember, but it will also be easy for simple attacks to breach your personal security.
In order to create a secure password, you should consider avoiding easy keyboard patterns -- such as 'qwerty' or '123', mix capital and lower-case letters, and keep them varied. A difficult-to-guess memorable word, such as a book character or favorite food would work better than 'password' or 'letmein', and switching word orders will boost the security of your online accounts further.
Image credit: Splashdata