An annual list of the world's most common passwords has revealed that we are still falling into dangerous traps when we set our passwords. The top five are the five most easily guessed, and number one is truly shocking: the most common is the word 'password'.
So why are we taking such risks, and how can we set better passwords?
Researchers for SplashData looked through millions of passwords stolen by hackers over the past year. They found that 'password' is still the most common option - because we want something that we can remember, and this is the first thing that springs to mind. For the same reason, the rest of the top five are made up of simple sequences: 123456, 12345678, abc123 and qwerty.
The trouble is that if a password is the first to spring to mind for you, it'll be the first to spring to mind for thousands of other people too - so that when someone is trying to get into your accounts, all they have to do is try a few of the usual suspects and they are in. The experts warn that anyone opting for one of the top five is very likely to fall victim to hacking in future.
Ross McKerchar, a cybersecurity specialist from Sophos, warns: "The human element is often referred to as the weakest link in a secure system. Time and time again studies have demonstrated that we are not good at choosing passwords, nor can we keep them secret."
Beyond the top five, a few trends start to crop up. The first is popular characters: these include things like monkey at 6, dragon at 8, and ninja at 23. The second trend is hobbies, so baseball is at number 10 and football at 20. The third is very popular phrases such as letmein at 7, iloveyou at 11 and trustno1 at 12.
The company says that if you see your password anywhere on this list, you must act quickly to change it and protect yourself. Morgan Slain, SplashData CEO, said: "Even though each year hacking tools get more sophisticated, thieves still tend to prefer easy targets." He added: "Just a little bit more effort in choosing better passwords will go a long way toward making you safer online."
"We're hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites."
The company has offered a number of tips for stronger passwords. It says you should ideally have eight or more characters - of mixed types. One of the simplest ways to do this is to opt for a phrase you can remember, with a number or other character in between each word.
It also says you need to come up with different passwords for each site, and at the very least avoid using the same one for email, social networking, and financial services.
If you struggle to remember them all, you can use a password manager application that organises and protects passwords and can automatically log you into websites. There are numerous applications available to help you do this.
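The tips above can be turned into a simple self-check. The following is an added example, not part of the original article or anything published by SplashData: it tests a candidate against the passwords the article names, applies the "eight or more characters, mixed types" rule, builds a phrase with a number or other character between each word, and flags reuse across sites. The two-character-type threshold, the short word list, the choice of random rather than memorable words, and all function names are assumptions made for illustration.

```python
import secrets
import string

# Passwords named in the article (the full SplashData list is longer).
NAMED_COMMON = {
    "password", "123456", "12345678", "abc123", "qwerty", "monkey", "letmein",
    "dragon", "baseball", "iloveyou", "trustno1", "football", "ninja",
}
# Constructed sample words; a real generator needs a list of thousands.
SAMPLE_WORDS = ["copper", "lantern", "orbit", "maple", "harbor", "violin",
                "tundra", "pepper", "saddle", "quartz", "meadow", "ribbon"]
SEPARATORS = string.digits + "!#%+-=?@"


def check_password(candidate: str) -> list[str]:
    """Return the rules from the article that the candidate breaks."""
    problems = []
    if candidate.lower() in NAMED_COMMON:
        problems.append("on the common-password list")
    if len(candidate) < 8:
        problems.append("shorter than eight characters")
    classes = [
        any(c.islower() for c in candidate),
        any(c.isupper() for c in candidate),
        any(c.isdigit() for c in candidate),
        any(not c.isalnum() for c in candidate),
    ]
    if sum(classes) < 2:  # assumed reading of "mixed types"
        problems.append("only one character type")
    return problems


def make_passphrase(words: int = 4) -> str:
    """Join random words with a random digit or symbol between each pair."""
    parts = []
    for i in range(words):
        parts.append(secrets.choice(SAMPLE_WORDS))  # CSPRNG, not random.choice
        if i < words - 1:
            parts.append(secrets.choice(SEPARATORS))
    return "".join(parts)


def reused_across(accounts: dict[str, str]) -> dict[str, list[str]]:
    """Map every password used on more than one account to those accounts."""
    seen: dict[str, list[str]] = {}
    for site, password in accounts.items():
        seen.setdefault(password, []).append(site)
    return {pw: sites for pw, sites in seen.items() if len(sites) > 1}
```

Note that `trustno1` meets the length and mixed-type rules and fails only because it is on the list, which is why the list check comes first.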
The most popular/worst passwords
- 1. Mid-contract price hikes
It is reasonable to assume that if you take out a mobile phone contract at £30 a month for 24 months that's exactly what you'll pay unless you exceed the tariff. Yet mobile phone providers have come under fire for a snag buried in the small print – a clause to allow mid-contract price rises.
Prices are rising by a median of 81p a month and 70% of consumers are completely unaware of this sneaky move, according to Tesco Mobile, so be sure to check any new contracts before you sign on the dotted line.
- 1. Land banking
Land banking involves plots of land offered for sale, often online, with the promise of sizable returns when planning permission is approved for housing or other development. Yet often the land is located in areas protected from development by planning law.
The companies involved soon disappear with investors' money and as the firms are not protected by the Financial Services Authority, their funds are not covered by the Financial Services Compensation Scheme.
- 2. Money mule
Fraudsters recruit unknowing accomplices through email under the guise of offering employment, seeking a personal favour, or through internet shopping sites. The recruits are persuaded into receiving what are essentially fraudulent payments and then passing funds on.
The 'mules' are frequently offered a small financial incentive to encourage involvement and face difficulties in proving their innocence when the fraud is discovered.
- 3. Carbon credit fraud
The scams claim to offer people the chance to profit from carbon credits. Under regulations that permit businesses to emit a tonne of CO2, the companies claim to offer investment in green projects like a forestry scheme or a solar panel project, which generates carbon credits that are then sold on to heavy industry.
A flashy brochure or website tells of a reliable 'government-backed' scheme which provides reliable returns for investors. Such a scheme doesn't exist, however – a reality investors only discover when they have parted with their cash and the company is untraceable. As with land banking, fraudulent companies are not covered by the FSA so victims have no recourse for recompense.
- 4. HMRC phishing scam
Receiving an email from the taxman saying you are owed a payment may seem like a nice surprise, but it is actually from fraudsters trying to relieve you of your cash instead.
The emails provide a "click-through link" to a cloned replica of the HMRC website. The recipient is then asked to provide their credit or debit card details - all the information the criminals need to clear your account, and sell on your personal details.
- 6. Crash for cash scams
Insurer Direct Line reported a hike in the number of 'crash for cash' scams last year – where fraudsters fake accidents by making unnecessary emergency stops at busy roundabouts or slip roads, forcing motorists to crash into them.
They then make bogus claims to the innocent motorist's insurer, often including fictitious injuries and passengers.
- 7. Driving school scams
Learner drivers have been taken for a ride by being unknowingly taught by trainee instructors. An investigation by the AA found up to 27,000 extra driving tests have been failed in the last year because one in 10 learner drivers are unwittingly taught by an instructor they do not know is learning on the job.
- 8. One man mail scam
July saw the arrest of a Leicester postman who stole £46,686 worth of mail over two-and-a-half years. Yogeshbhai Patel, 38, was jailed for two years for stealing mail including 2,000 DVDs and 2,250 games along with CDs and other electrical equipment. He intercepted the valuable packages and spent the money on living a luxury lifestyle including helicopter rides and a trip to Las Vegas.
- 9. Smart meter scam
The Trading Standards Institute reported over 200 cases where elderly homeowners have been targeted by telephone cold callers, purporting to be from their energy supplier and offering energy saving devices which could cut their bills by 40%.
The TSI tested the devices in homes where owners had fallen for the scam, only to find they failed both to satisfy electrical safety standards and to deliver any tangible energy savings.
- 10. Thermal camera fraud
Thermal cameras that track ATM PIN numbers are the latest weapon in their arsenal and US scientists have warned it is the next threat for this form of crime. Researchers at the University of California at San Diego found that up to 45 seconds after a person types their PIN code into an ATM machine or door entry pad the numbers and even the sequence are still readable by thermal cameras.