Password manager creator SplashData has released its list of the top 25 worst passwords of 2019, based on information gathered from data breaches.
Often, a new password based on some cultural trend makes the list. In 2014, it was Batman and Superman (per the movie “Batman V Superman”); in 2015 it was “Star Wars”; and in 2018, it was “Donald.” This year, apparently it’s “Game of Thrones” (and/or “How to Train Your Dragon”), as “dragon” made the top 25 list.
The 25 worst passwords of 2019
Here’s the 25 worst passwords of the year:
The usual password advice
Here’s my usual password advice:
- Use a password manager, such as KeePass, 1Password, and LastPass (I use the latter). Password managers can create and store strong unique passwords for each site.
- Avoid using popular or famous phrases, religious quotes, catchphrases, etc. as passwords or passphrases. As tempting as “YouShouldHavePutARingOnIt,” “AvengersAssemble,” or “MayTheForceBeWithYou” might be as passwords, avoid using such.
- Don’t use Facebook (or another social network) as a login for sites. As tempting as it is to use Facebook to log into other sites, at this point I recommend against such. Just create a new password for the site in question. Besides, Facebook has its own problems.
- Don’t reuse passwords on more than one account. The use of passwords on multiple sites can make security breaches even more dangerous for users.
- Use two factor authentication if possible. Two factor (or two step) authentication helps beef up security on sites, by requiring an additional step (and separate piece of information) to log in. Google Authenticator and Authy are two popular apps to use with this.
Do any of you have any password suggestions or questions? Feel free to list them in the comments.
Photo by Mike Mozart (Flickr / CC BY / cropped from original)