LOS GATOS, Calif. – SplashData released Tuesday the 2015 edition of the “Worst Passwords List” the company announces every year.

The ridiculously weak passwords “123456” and “password” once again ranked as the most commonly used among North American and Western European users, which shows how people are still putting their online accounts at risk.

The California-based firm collected more than 2 million leaked passwords during 2015. Some of them appeared for the first time in a SplashData list, such as “access” (17th) and “superman” (21st), while some others were longer in a failed attempt to make a more secure password.

Image: WIRED UK
Although this kind of lists appear every year, many people don’t seem to learn the importance of having a strong password. Image: WIRED UK

The company affirms that users don’t necessarily improve their online security by choosing longer passwords and describes this effort as a “worthless security measure”, since the most commonly used passwords were made of simple patterns that would be pretty easy to guess by hackers.

For instance, “1234567890” (first two columns of main keys on any standard keyboard) and “qwertyuiop” (top row of keys on any standard keyboard”) were included on the top 25 list for the first time, but they are not hard to guess just because they’re made of longer patterns.

Just like in past years’ lists, simple numerical passwords were on the top 10 of the 2015 list. Sports remain increasingly popular among passwords themes, with “football” and “baseball” also on the top 10 of the list. In contrast, new Star Wars-themed passwords appeared for the first time since SplashData began monitoring commonly used passwords in 2011.

“When it comes to movies and pop culture, The Force may be able to protect the Jedi, but it won’t secure users who choose popular Star Wars terms such as ‘starwars’, ‘solo’, and ‘princess’ as their passwords. All three terms are new entries on this year’s list”, reads SplashData’s website.

SplashData is a provider of password management applications such as SplashID for consumers and TeamsID for businesses. The company’s annual “Worst Passwords List” seeks to raise awareness of the use of stronger passwords in order to enhance Internet security.

According to the company, passwords with simple patterns and common themes such as sports and pop culture put users at a higher risk of having their identity stolen by hackers. Moreover, SplashData strongly recommends the use of different passwords for different websites, as well as the generation of passphrases of twelve characters or more with a combination of mixed types of characters.

SplashData’s offers TeamsID and SplashID password managers can help you organize and protect your passwords. The tools are also capable of creating random passwords and allow you to automatically log into websites. Whether you need this kind of tool for your business or personal accounts, give it a try and improve your Internet security.

Here’s the list of the the 25 most popular passwords discovered in data breaches in 2015, according to SplashData:

1) 123456
2) password
3) 12345678
4) qwerty
5) 12345
6) 123456789
7) football
8) 1234
9) 1234567
10) baseball
11) welcome
12) 1234567890
13) abc123
14) 111111
15) 1qaz2wsx
16) dragon
17) master
18) monkey
19) letmein
20) login
21) princess
22) qwertyuiop
23) solo
24) passw0rd (using zero)
25) starwars

Source: TeamsID, by SplashData