Are your passwords putting you at a higher risk for identity theft? If they’re on the “Worst Passwords of 2015,” list the answer is probably yes. For the past five years, password management company, SplashData, has released a collection of the most common and hackable passwords based on a study of different data breaches in North America and Western Europe. This year’s top 25 is topped by the painfully obvious “123456” and “password.”
Other popular passwords on the list include sports like baseball and football as well as different combinations of QWERTY keyboard characters in the order of their appearance. One of the newest additions is “starwars,” undoubtedly due to the film franchise’s latest release.
According to Morgan Slain, the CEO of SplashData, these annual lists indicate certain patterns of behavior in password creation. This past year, for example, demonstrates some attempts at being more secure, though they weren’t always well-executed.
“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” he said.
SplashData said that this year was the first that longer passwords made an appearance on the list but urged that length does not equate to better security.
The list shows that too many people still don’t take password creation seriously, especially for seemingly innocuous online accounts. Most likely, these passwords were created to be easily memorized. What these users still don’t realize is that any weak log-in information can be exploited and lead to identity theft. SplashData reported that someone’s password is hacked every three seconds, with adults aged 60 and older, women aged 30 to 45, CEOs, politicians and sports fans among the most vulnerable candidates.
After a tough year of data breaches for major retailers, social sites and organizations, strong passwords are more important than ever. This has prompted many sites to require certain types of passwords for account creation, but users are often put off by all that complicated memorization. TechCrunch estimated that the average internet user has to remember more than 25 passwords to access sites commonly used on a daily basis. This is likely why so many passwords on 2015’s list were obvious combinations of letters and numbers.
Creating a strong password starts with using a mix of letters, numbers and symbols. If this sounds like it could get too difficult for you, SplashData recommends putting spaces or symbols in between short words so your password is easy for you to remember but harder for others to guess. You should also avoid using the same username and password combination for multiple accounts as well as using a favorite sport, person’s name or birthday in the password.
For even more personal protection consider what tools or services you might invest in to protect your identity. A good identity theft protection service monitors your credit, Social Security Number and public record, and alerts you to certain activity in your credit file that could indicate fraud. You also want to look for a service that provides software tools like keystroke encryption or anti-virus, and education on digital privacy and how you can lower your risk. These tools can bolster your protection as you work to strengthen weak passwords.