Using a database of 61.5 million anonymous passwords, researches at the password management service Dashlane uncovered some troubling password patterns. The researchers examined the data for patterns of simple mistakes that continue to be made by people who use passwords in daily life.
“It is difficult for humans to memorize unique passwords for the 150+ accounts the average person has,“ said Dr. Gang Wang, Virginia Tech computer scientist who used the list for academic research. “Inevitably, people reuse or slightly modify them, which is a dangerous practice.”
Troubling passwords found by the researchers
1 | Pervasive “password walking”
A high frequency of passwords containing combinations of letters, numbers, and symbols that are adjacent to one another on the keyboard. This practice, known as “Password Walking,” simply uses the pinky or ring finger on their left hand to type their entire password. In addition to well-known password walking like “qwerty” and “123456,” Dashlane’s researchers uncovered several other combinations that are frequently used:
- 1q2w3e4r
- 1qaz2wsx
- 1qazxsw2
- zaq12wsx
- !qaz2wsx
- 1qaz@wsx
2 | Love and hate
The researchers uncovered passwords related to love, as well as aggressive and vulgar language. The ten most frequent love/hate-related passwords:
- iloveyou
- f*ckyou
- a**hole
- f*ckoff
- iloveme
- trustno1
- beautiful
- ihateyou
- bullsh*t
- lovelove
3 | Branded passwords
The ten most frequent brand-related passwords:
- myspace (a holdover from a previous era)
- mustang
- ferrari
- playboy
- mercedes
- cocacola
- snickers
- corvette
- skittles
4 | Music and movies
Pop culture references are prevalent. The ten most frequent pop culture passwords:
- superman
- pokemon
- slipknot
- starwars
- metallica
- nirvana
- blink182
- spiderman
- greenday
- rockstar
Dashlane’s suggestions for improving your passwords
- Use a unique password for every online account
- Generate passwords that exceed the minimum of 8 characters
- Create passwords with a mix of case-sensitive letters, numbers, and special symbols
- Avoid using passwords that contain common phrases, slang, places, or names
- Use a password manager to help generate, store, and manage your passwords
- Never use an unsecured Wi-Fi connection