If you're one of those people who thought it was clever to use "password" as your password, it's time to wisen up and make a change.
And even if you think you're outsmarting potential hackers by using a random noun such as "dragon" or "master" as your password or a name such as "michael", think again. All three rank up there with old favorites such as "123456" or "qwerty" among the top 25 most commonly used passwords of 2011, according to security and search application vendor SplashData.
Other common passwords include patterns based on the layout of the keyboard like "qwerty" and "qazwsx." With an increasing number of sites requiring more complex passwords, some letter and number combinations like "abc123" and "trustno1" are being used more often, according to SplashData's report.
According to SplashData, the most common passwords on the web are:
SplashData's top 25 list was compiled from files containing millions of stolen passwords posted online by hackers, according to CEO Morgan Slain. He advised that if consumers or businesses are using any of the passwords in the list, their passwords should be changed immediately.
"Hackers," Slain said, "can easily break into many accounts just by repeatedly trying common passwords. Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft," Slain said. "What you don't want is a password that is easily guessable. If you have a password that is short or common or a word in the dictionary, it's like leaving your door open for identity thieves."
Even though thieves have more sophisticated hacking tools at their disposal today than ever before, they still tend to prefer easy targets, Slain said. "Just a little bit more sophistication in choosing passwords will go a long way toward making you safer online."
SplashData suggests making passwords more secure by using
passwords of eight characters or more with mixed types of characters. In addition, users should avoid using the same username/password combination for multiple websites.