Researchers at Keeper Security have analysed millions of passwords (mostly from the various data breaches of Yahoo and the like that we blogged about last year) to discover which of these are the most common (and therefore the worst).
Amazingly, the most common password, 123456, was used by a whopping 17% of all the accounts they analysed. This is notable for a couple of reasons. Millions of people that are so unconcerned about their security that they're happy to basically have no password at all. However, the various systems must have had no enforced password security levels in place to allow these people to set that password in the first place.
For reference, the researchers found these were the top 10 passwords:
We in the IT community have continually tried to impress on people the importance of secure passwords. As more and more of our lives move online, people are at huge risk of identity theft when they use insecure passwords. While a particular online account may seem inconsequential, it may offer clues for other services you may use that they should try logging into, or hints about secret phrases that may allow access via a "Forgotten Password" section. On top of that, so few people use different passwords on different websites that knowing one login means that all services you use are compromised.
Even if you have a secure password, you may still be at risk! If you tend to use the same pasword on multiple websites and one of those gets breached, this puts all of your other logins at risk. There is a website that you can use to see if your email address is included on the list of previous breaches
If this site indicates your address was included in a breach, it's time to change your passwords!