Password Psychology & SplashData’s List

SplashData released its 2017 worst passwords list on Tuesday with ‘starwars’ taking the sixteenth slot.

The company warned against picking overused combinations, but the psychology behind passwords implied that a majority of people will not change their ways. They continued to protect their information with the basic, boring “12345” and “starwars” when users could be using passwords like “AdobeWan.”

Number 16, “starwars,” fell right below “abc123,” according to SplashData. “Other newbies include the self-explanatory “letmein” (No. 7), the sweet “iloveyou” (No. 10) and the flippant “whatever” (No. 23).”

The basic of the basic top password for 2017 was “12345.” It remained worst from SplashData’s 2016 list.

Psychological Aspect

LastPass explored the psychology behind bad passwords in an infographic after surveying a global population of 2,000 people on their password habits.

“While a majority 59% knew secure passwords were important, a significant 41% still chose passwords that were easy to remember, or used the same password over multiple services,” according to LastPass.

LastPass called this the “password paradox.” It’s “a type of cognitive dissonance where people know what a secure password should be, yet continue to select simple passwords out of habit or convenience.”

The infographic covered several invisible biases that impact password selection. Essentially, people picked a password based on what they remembered because they were afraid of forgetting it.

The password “starwars” appeared on the list because it’s pop culture– it’s what people thought about with the new movie coming out and the media buzz around it.

Security Risk

Basing personal passwords on massively popular and basic phrases poses a significant safety risk.

The list was “created using data from more than five million passwords that were leaked by hackers in 2017,” SplashData reported.

Data security suffered a significant number of publicized hacks over the last two years that ranged from attacks and ransoms to extortion. As a provider of password management applications, SplashData knows the dangers of overused passwords.

“Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words,” Morgan Slain, SplashData CEO, said.

Fortune noted that people are aware of this, but continue to use guessable passwords like “12345” and “password,” which both remained in the top two ranks of SplashData’s list for the fourth year, and equally predictable variations cover 6 other listings in the top 25.

“We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” Slain said.

LastPass’ survey indicated that the most popular reason people changed their passwords is because they forgot the previous password.

“An overwhelming 91% of respondents understood the risk of reusing passwords, yet almost two-thirds continued to do so,” LastPass found.

People know the risk, but a combination of laziness and fear of forgetfulness results in the use of common passwords that range from pop culture to family/pet names and special numbers.

2017 List

Chances are, that goofy, simple password is neither unique nor safe– certainly not if it’s on SplashData’s list (the first 25):

  • 1 – 123456 (ranking unchanged since 2016 list)
  • 2 – password (ranking unchanged)
  • 3 – 12345678 (up 1)
  • 4 – qwerty (up 2)
  • 5 – 12345 (down 2)
  • 6 – 123456789 (new)
  • 7 – letmein (new)
  • 8 – 1234567 (Unchanged)
  • 9 – football (down 4)
  • 10 – iloveyou (new)
  • 11 – admin (up 4)
  • 12 – welcome (unchanged)
  • 13 – monkey (new)
  • 14 – login (down 3)
  • 15 – abc123 (down 1)
  • 16 – starwars (new)
  • 17 – 123123 (new)
  • 18 – dragon (up 1)
  • 19 – passw0rd (down 1)
  • 20 – master (up 1)
  • 21 – hello (new)
  • 22 – freedom (new)
  • 23 – whatever (new)
  • 24 – qazwsx (new)
  • 25 – trustno1 (new)

Variations of “starwars” also appeared on 2015’s list– the year “The Force Awakens” was released.

“The rise of Star Wars passwords coincides with the years that have featured big movie openings from the main branch of the franchise,” according to CNET.

The prominence of pop culture in the list of most used passwords proves the relationship between what people think they will remember and what’s going on in the world.

Related posts

Leave a Comment