Photo via SplashData
Photo via SplashData

SplashData released its annual list of the worst passwords, and you guessed it, they are just as bad as they were last year. And the year before.

The password management provider found that “123456” and “password” continue to hold the top two spots that they’ve held every year since they first did a “Worst Password” report in 2011.

SplashData defines a bad password as one that “will expose anybody to being hacked or having their identities stolen.” This list represents the 25 worst passwords, held largely by users in North America and Western Europe, found in approximately 3.3 million password leaks:

1    123456 (Unchanged from 2013)
2    password (Unchanged)
3    12345 (Up 17)
4    12345678 (Down 1)
5    qwerty (Down 1)
6    1234567890 (Unchanged)
7    1234 (Up 9)
8    baseball (New)
9    dragon (New)
10    football (New)
11    1234567 (Down 4)
12    monkey (Up 5)
13    letmein (Up 1)
14    abc123 (Down 9)
15    111111 (Down 8)
16    mustang (New)
17    access (New)
18    shadow (Unchanged)
19    master (New)
20    michael (New)
21    superman (New)
22    696969 (New)
23    123123 (Down 12)
24    batman (New)
25    trustno1 (Down 1)

Want to create a smarter password? They say to avoid your favorite sport or team (so it’s probably time to ditch that “Seahawks” passcode), your birthday or common baby names. You want to use passwords with mixes of characters, letters and numbers, avoid using them on multiple sites, and use a password manager. Oh, and don’t give your password out on national television.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Job Listings on GeekWork

Find more jobs on GeekWork. Employers, post a job here.