1. ITV Report

How weak are your online passwords? New report reveals the worst ten you should never use

New report exposes the ten least secure online passwords Photo: Dominic Lipinski/PA Wire

There were a series of major security breaches in 2014 involving the likes of iCloud, Snapchat and Sony Pictures. Despite these high profile hacks, it seems people online still don't know how to protect themselves with strong enough passwords.

Online security firm SplashData has looked at more than three million passwords that were leaked online in the last year. Its fourth annual 'Worst Passwords' report shows the ones to avoid.

For the fourth year in a row '123456' and 'password' occupy the top spots in the least secure list.


1. 123456 (Unchanged from 2013)

2. password (Unchanged)

3. 12345 (Up 17)

4. 12345678 (Down 1)

5. qwerty (Down 1)

6. 1234567890 (Unchanged)

7. 1234 (Up 9)

8. baseball (New)

9. dragon (New)

10. football (New)

Web experts say many people continue to put themselves at risk by using weak passwords Credit: Sean Kilpatrick/The Canadian Press/Press Association Images

Passwords based on simple patterns on your keyboard remain popular despite how weak they are.

Any password using numbers alone should be avoided, especially sequences.

As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure.

– Morgan Slain, SplashData chief executive

Web experts suggest not using a favourite sport, for example 'football' or 'baseball' - both of which make the worst top 10.

Birthdays should also not be used, in particular the year of your birth.

But 'iloveyou' is one of the nine passwords from 2013 to fall off the 2014 list.

And perhaps ironically, 'trustno1' comes in at number 25.

The bad news from my research is that this year's most commonly used passwords are pretty consistent with prior years.

The good news is that it appears that more people are moving away from using these passwords.

In 2014, the top 25 passwords represented about 2.2% of passwords exposed. While still frightening, that's the lowest percentage of people using the most common passwords I have seen in recent studies.

– Mark Burnett, online security expert