The SplashData list of worst passwords of 2014 was just published, and it looks very similar to the list in 2013, 2012, 2011, etc.:
Rank |
Password |
Change from 2013 |
1 |
123456 |
No Change |
2 |
password |
No Change |
3 |
12345 |
Up 17 |
4 |
12345678 |
Down 1 |
5 |
qwerty |
Down 1 |
6 |
123456789 |
No Change |
7 |
1234 |
Up 9 |
8 |
baseball |
New |
9 |
dragon |
New |
10 |
football |
New |
11 |
1234567 |
Down 4 |
12 |
monkey |
Up 5 |
13 |
letmein |
Up 1 |
14 |
abc123 |
Down 9 |
15 |
111111 |
Down 8 |
16 |
mustang |
New |
17 |
access |
New |
18 |
shadow |
Unchanged |
19 |
master |
New |
20 |
michael |
New |
21 |
superman |
New |
22 |
696969 |
New |
23 |
123123 |
Down 12 |
24 |
batman |
New |
25 |
trustno1 |
Down 1
|
Sadly, I could have written this same post and used nearly the same list in 2010– in fact, I did: http://www.securityprivacyandthelaw.com/2010/01/is-your-password-still-123456-if-so-its-time-for-a-change/. Not everyone can start exercising, lose weight, save more money or get a new job as a resolution for 2015, but you can change your password, usually in less than 60 seconds, and toughen it up a bit.