The annual list of the worst passwords for 2014 has been posted. Last year, there were over three million leaked passwords. One of the interesting by-products of these leaks is the list of the top passwords. SplashData posted their list of the top-25 (and therefore, worst!) passwords. If you see any of your passwords on this list, change it!
1 123456 (Unchanged from 2013)
2 password (Unchanged)
3 12345 (Up 17)
4 12345678 (Down 1)
5 qwerty (Down 1)
6 1234567890 (Unchanged)
7 1234 (Up 9)
8 baseball (New)
9 dragon (New)
10 football (New)
11 1234567 (Down 4)
12 monkey (Up 5)
13 letmein (Up 1)
14 abc123 (Down 9)
15 111111 (Down 8)
16 mustang (New)
17 access (New)
18 shadow (Unchanged)
19 master (New)
20 michael (New)
21 superman (New)
22 696969 (New)
23 123123 (Down 12)
24 batman (New)
25 trustno1 (Down 1)
Interesting to note that the number one password has been unchanged for years. I even saw it on a nationally televised game show a few years back.
Your security is only as good as your weakest link. Passwords should be "strong". That is, passwords should be at least eight characters long, and contain uppercase letters, lowercase letters, and symbols. At your next staff meeting, share this list with EVERYONE in your small business.