In spite of a constant drumbeat of news about hacking and cracking computer accounts, users still are employing extremely common and obvious phrases as passwords. A compilation of the most commonly used — and potentially most insecure — passwords seen over the past year was recently drawn up by Splashdata and reported in Mashable. Splashdata found that incredibly enough, the leading password in use today is the word “password.” Interestingly, number 4 on the list, the keyboard lineup of “qwerty,” is counterbalanced by item number 23, “qazwsx,” which is the first three rows of keys typed vertically.
[UPDATE: Trustwave just published a list of the most commonly used passwords within enterprises -- which put many corporate systems at risk.]
Splashdata’s 2011 list closely parallels that developed close to two years ago by Imperva, showing that these terms never go out of vogue.
Here is this year’s list:
SmartPlanet colleague Tuan C. Nguyen provides a surprisingly simple technique for deriving a strong password that makes it difficult for hacking programs to arrive at the right brute force combination — employing a symbol in combination with an upper-case and lower-case letter.
Not everyone thinks that strong passwords are the answer, however. In another study on passwords, a Microsoft researcher conducted a cost/benefit analysis of efforts to encourage stronger passwords, and questions whether the costs of strong password management outweighs the benefits.