'123456' tops annual worst passwords list

Poor passwords are a major hurdle to IT security.

It's a scene out of a Hollywood comedy. The criminals are trying to hack a computer by trying to guess the password. They think "there's no way the password is "password" and yet when they type it in, they are shocked that it actually works. The unfortunate truth is that this simple phrase being used for security purposes if far more common than one might think. 

According to the annual report from SplashData that examined the worst passwords used, the 2013 list is topped by "123456," "Password," "12345678" and "qwerty" and was compiled from files containing millions of stolen passwords posted online during the previous year. This list was heavy influenced by the October Adobe hack that affected upwards of 48 million users.

A PCworld article about the study reported that "password" has been at the top of this list for some time and will probably regain the top spot in the years to come. That thought alone is frightening and is enough to give any IT security expert sleepless nights.

"Weaker passwords are more susceptible to brute-force attacks, where hackers attempt to access accounts through rapid guessing," the article reads. "And when encrypted passwords are stolen, weaker ones are the first to fall to increasingly sophisticated cracking software."

While many organizations are getting better about password requirements, issues like this will still exist. Businesses need to ensure that there are protocols in place to ensure company data is safe. Many firms turn to security focused integrators to recommend and implement cutting edge solutions. VAR Staffing helps IT security solution providers identify and recruit the impactful talent that is needed to combat growing security concerns.