The 25 Worst Passwords

SplashData published their annual list of the 25 Worst Passwords on the Internet. Here is the list, which all IT directors should block as acceptable logon passwords for websites, networks, computers, etc.

Not taking precautions could result in another sort of list such as the 1.3 million fraud or identity theft complaints that the FTC received in 2010.

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football
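One way to enforce the list above as a blocklist when a user sets a password, shown as an added example that is not part of the original post. The function names and the normalization rules (case folding, trailing digits and punctuation, a few character substitutions) are assumptions chosen for illustration, so that close variants such as "P@ssw0rd!" are rejected along with the exact entries.

```python
import unicodedata

# The 25 entries from the list above.
WORST_PASSWORDS = frozenset({
    "password", "123456", "12345678", "qwerty", "abc123", "monkey",
    "1234567", "letmein", "trustno1", "dragon", "baseball", "111111",
    "iloveyou", "master", "sunshine", "ashley", "bailey", "passw0rd",
    "shadow", "123123", "654321", "superman", "qazwsx", "michael",
    "football",
})

# Assumed substitution table (not from the post). "1" is ambiguous
# between "i" and "l"; "l" is chosen here.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def variants(password):
    """Return the normalized forms of a candidate password to look up."""
    base = unicodedata.normalize("NFKC", password).casefold()
    no_punct = base.rstrip("!@#$%^&*?._-")       # "abc123!"    -> "abc123"
    no_digits = no_punct.rstrip("0123456789")    # "monkey2024" -> "monkey"
    forms = {base, no_punct, no_digits}
    forms |= {f.translate(LEET) for f in forms}  # "p@ssw0rd"   -> "password"
    forms.discard("")
    return forms


def blocklist_hits(password):
    """Return the sorted blocklist entries the candidate reduces to."""
    return sorted(WORST_PASSWORDS & variants(password))


def is_acceptable(password):
    """True when no variant of the candidate is on the blocklist."""
    return not blocklist_hits(password)


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("QWERTY", "P@ssw0rd!", "Monkey2024",
                      "correct horse battery staple"):
        print(candidate, "->", blocklist_hits(candidate) or "ok")
```

The check belongs on the server side of the password-set and password-change paths; a longer blocklist can be dropped into `WORST_PASSWORDS` without changing the rest.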

There are many other security steps required to protect networks that utilize password-based authentication (see my recent post, “Just How Long Should a Password Be?” for more info).

Switching over to PKI may work for some companies but it may not work for many others. Or, it may even be a combination of both PKI and passwords using a single credential, like what Access Smart has done with the government’s PIV credential.

The takeaway is to ask why people use these weak passwords. The answer is that they need a better way to manage their passwords that is both convenient and secure.