Banking Blog

Finance Blogs » Banking Blog » Picking a banking password? Don’t use these

Picking a banking password? Don’t use these

By Claes Bell · Bankrate.com
Wednesday, January 20, 2016
Posted: 10 am ET
iStock.com/s-cphoto

iStock.com/s-cphoto

You would think that with the cost of ID theft to U.S. consumers topping $6 billion annually, people would stop using ridiculously easy-to-guess passwords. But new data suggests there has been little, if any, improvement in consumers' password choices in the last year.

The latest list of the top 25 passwords from password security firm SplashData shows that the dumbest passwords imaginable are still the most popular around: "123456" and "password" top the list, as they did last year, with lots of combinations of consecutive numbers helping to round out the top 10.

New entries in the list include "welcome," "passw0rd," and "login." Another new entry on the list: "starwars," a password even easier to discover than the weak point on a planet-destroying space station ("princess" also made a comeback). The company gathers the passwords by analyzing login data leaked in data breaches; this time it poured through 2 million passwords to come up with the list.

Keyboard patterns more obvious than people think

In 2015, more Internet users tried to outsmart thieves by selecting patterns of keys on their keyboards such as "qwertyuiop," the top line of letters on a standard keyboard. But that's not likely to work, what with many, many others doing the same thing.

"We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers," says Morgan Slain, CEO of SplashData. "As we see on the list, using common sports and pop culture terms is also a bad idea. We hope that with more publicity about how risky it is to use weak passwords, more people will take steps to strengthen their passwords and, most importantly, use different passwords for different websites."

Here's the entire top 25, and it goes without saying that if you're using any of the passwords below to access online banking, stop reading and go change it immediately.

Top 25 bad passwords

Rank Password Change from 2014
1 123456 Unchanged
2 password Unchanged
3 12345678 Up 1
4 qwerty Up 1
5 12345 Down 2
6 123456789 Unchanged
7 football Up 3
8 1234 Down 1
9 1234567 Up 2
10 baseball Down 2
11 welcome New
12 1234567890 New
13 abc123 Up 1
14 111111 Up 1
15 1qaz2wsx New
16 dragon Down 7
17 master Up 2
18 monkey Down 6
19 letmein Down 6
20 login New
21 princess New
22 qwertyuiop New
23 solo New
24 passw0rd New
25 starwars New

What makes a good password?

Is your bad password on this list? Struggling to figure out what makes a good password? Here's Splashdata's advice:

  • Use words or phrases that have at least 12 characters. Include letters, numbers and punctuation.
  • Don't use the same password on multiple websites.
  • Use a password manager to protect passwords or generate random ones.
«
»
Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.
1 Comment
Lynda
January 21, 2016 at 12:10 pm

Thank you for having your information right here on this page in one place. I don't do the click to go to another page-I just delete!