The worst password of 2015 is “123456,” according to SplashData, which released the “Worst Passwords List on Tuesday.
The firm has been ranking passwords since 2011 and bases its selection on more than two million leaked passwords.
Many of the 2015 winners were also on the list in 2011 “demonstrating how people’s choices for passwords remain consistently risky,” said the firm.
“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” said Morgan Slain, CEO of SplashData.
“As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites.”
SplashData did cite some new and longer passwords creeping into the list, but said that longer does not mean more secure as they are often based on relatively easy to guess patterns.
Numeric passwords take six spots in the top ten.
Sports-based passwords were also on the list, including “football” and “baseball.”
The Star Wars movies proved again to inspire many passwords, with “starwars,” “solo” and “princess” appearing on the list for the first time.
Several passwords from the 2014 list did not make it to the 2015 edition, including “welcome,” “login” and “passw0rd.”