What have the words password, baseball, dragon, football, monkey, mustang, access, shadow and master in common?
They all made the word passwords of 2014 list. The list, compiled by Splashdata, is based on 3.3 million passwords that leaked during 2014.
One could say that 3.3 million passwords are not really representative when it comes to online password use but since that is all the data that is available, it can be used to analyze trends.
And the main trend of 2014 seems to be that people are still as careless about online passwords as they were in previous years.
The passwords "123456" and "password" retained the top spot while other favorites such as "qwerty", "letmein" or "111111" are still in the top 25 list just like they were in previous years.
The big issue here is accounts can be easily attacked using brute force attacks that use dictionaries that contain the top 100, top 1000 or even top 10000 passwords and variations.
While password selection comes down to each individual user, it is not only the fault of the user that online security is in this predicament.
Online companies prefer to keep enforce basic password policies that are not too much of a nuisance to users. This in fact has not changed a lot since 10 or even 15 years ago where nearly the same rules were in effect.
Lets take a look at name and password guidelines of popular Internet companies
While most companies use low character limits for user account passwords, most suggest to users that they should use stronger passwords. Twitter for instance suggests to use a unique password that is at least 10 characters strong and uses a mix of uppercase, lowercase, numbers and symbols.
Why are not companies enforcing recommended password rules then? It is not clear why but an explanation that makes sense is that they fear that they would lose users over this who turn away in frustration when their passwords are not accepted during sign-up or password change.
Internet users who want to improve the strength of their passwords should consider using password managers like LastPass, KeePass or Dashlane as they will generate and store secure passwords for users.
Now You: What's your take on password use on today's Internet?Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.