It's that time again – to delve into another list of the most popular, and therefore worst, passwords people use online, this time courtesy of Senior Lecturer in Computing at Lancaster University, Dr Jeff Yan. Here are the 10 worst passwords in 2016 – are you at risk of being hacked?
Dr Yan complied the list of the top 10 most popular passwords from a leaked Yahoo database, which seems to have come from the massive data breach that hit the company a few months ago.
As you'd expect, the list is worrying to say the least, with '123456' in the top spot, followed by that old favourite: 'password'.
Related: Best free antivirus
At number three was 'welcome', with the somewhat incongruous 'ninja' at number four, followed by the slightly more predictable but no more secure 'abc123'.
Next up was ‘123456789’, then ‘12345678’, after which came ‘sunshine’, ‘princess’, and ‘qwerty’ respectively.
Speaking to The Daily Mail, Dr Yan said: "Why do [some] use such obvious passwords? A main reason I think is that they’re either unaware of or don’t understand the risks of online security.
"Just like everybody knows what one should do when red lights are on in the road, eventually everybody will know 123456 or the like is not a good password choice."
The database from which Dr Yan pulled the passwords is made up of obsolete accounts from a 2012 voice-calling service.
Researchers from Lancaster University and Peking and Fujian Normal universities in China managed to guess password for more than 73% of users' accounts after creating special algorithms. What's more, a third of more difficult passwords were cracked in 100 guesses.
The latest list of dubious passwords follows numerous others, with one such list appearing in January this year after security group SplashData collated information from cybersecurity breaches in the USA and Europe.
At the top of that list, once again, was '123456', followed by 'password' – the same top two as Dr Yan's new list.
If you want to stay safe online, Microsoft lists the following tips for password creation on its Windows support page:
- At least eight characters long
- Does not contain user name, real name, or company name
- Does not contain a complete word
- Is significantly different from previous passwords
- Contains at least one uppercase letter, lowercase letter, number, and symbol
Watch The Refresh: The best tech gossip and reviews every week
Let us know what you think of the latest worst password list in the comments.