These are the worst passwords of 2015

By Andrea Peterson

Passwords are the banes of our increasingly online lives. Photo / iStock
Passwords are the banes of our increasingly online lives. Photo / iStock

Our passwords are bad, and we should feel bad about it: Every year, SplashData releases a list of the most popular passwords discovered in data breaches released online over the past 12 months. And this year, "123456" and "password" topped this list.

Just like last year. And the year before that.

Other popular choices this year were sports, like "football" and "baseball." And "starwars," a newcomer to the list, ranked as the 25th most popular breached password, probably thanks to excitement over the release of the newest movie in the franchise.

Passwords are the banes of our increasingly online lives: Nearly everything we sign up for needs a password, and creating a secure one can be a pain. Even when we come up with a good one, we always need more because reusing passwords can leave us exposed if a service we use gets breached.

Hackers share fake fuel voucher codes
The debate over government 'backdoors' into encryption isn't just happening in the US
Patients unaware of staff prying in their files

To try to stay secure we are left relying on password management tools that sometimes get breached themselves, or juggling an almost ridiculous rotation of hard-to-remember passwords, or using a random string of characters we expect to reset the next time we log in.

Unless, that is, they just give up and use comically easy-to-guess passwords.

This password paradox is why tech companies like Google, Apple and Yahoo are trying to find ways to replace passwords. Apple, for instance, includes fingerprint scanners in its new iPhones. And Google and Yahoo have been experimenting with ways that let people use their mobile phone to prove their identity without a password.

Unfortunately, these alternatives can come with their own drawbacks: You leave your fingerprints on pretty much everything you touch, and some researchers have even found way to fake fingerprints from high definition photos. And using just your mobile phone may leave you at risk if you lose it.

For now, at least, consumers are probably best off trying trying to remember strong, unique passwords for important services and turning on two-factor authentication, a system where they have to go through another step to confirm their identity when they log in -- usually entering a code that's texted to their phone.

There's a good list of what services offer this protection. The extra step may feel frustrating, but it's a lot less work than having to recover from a breached account.

- Washington Post

Get the news delivered straight to your inbox

Receive the day’s news, sport and entertainment in our daily email newsletter


© Copyright 2016, NZME. Publishing Limited

Assembled by: (static) on production apcf03 at 23 Oct 2016 03:07:24 Processing Time: 616ms