From ‘123456’ to ‘monkey’: World’s worst passwords


Before you start thinking up a new password, you may want to start thinking about upping its complexity from a pet's name or the top row of letters on a keyboard.

According to SplashData, a security and productivity software firm, "123456" has taken the crown for most common -- and therefore most easily hacked password of 2014, according to its annual poll of the "Worst Passwords of 2014". Closely behind "123456", comes "password" – which has kept the second place for another year.

Read MoreUS, UK to hack banks to test security

maxkabakov | iStock | Getty Images

Out of the top 25, nine passwords contained only numbers, from variations on "123456" to "111111".

Other popular password combinations included "qwerty", at fifth place; "dragon" in ninth; "letmein" at 13 and "trustno1" at 25th. Additionally the film industry has had influence this year, with two new comic-themed characters -- "superman" and "batman".'

The data was accumulated from 3.3 million passwords that were leaked during 2014, with most of the culprits coming from Western Europe and the U.S.. The Top 100 included other themes such as film and car names, hobbies and swear words, according to the report.

"As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure" wrote Morgan Slain, CEO of SplashData, in response to the report.

The report underlined that by utilizing "weak, easily guessable passwords", people are at a greater risk of being hacked; which is especially the case after the recent hacking scandals at Sony Pictures, Microsoft Outlook and the U.S. Military command's YouTube and Twitter accounts.

Read MoreMicrosoft Outlook 'hacked' by Chinese authorities

2015: The death of the password?

2015: Passwords to be phased out?

2015 could see the year that passwords become passé, in preference to "multi-factor components."

Greg Day, Chief technology officer at Fireeye, a U.S. based security firm told CNBC's European Closing Bell that "it's about building layers appropriate to the risk," comparing purchasing a newspaper to buying a car as different levels of security that needed protecting.

Greg Day added that for hackers to remain "productive they have to leverage that space" of smartphone technology and online purchases, which is becoming increasingly popular. We are now seeing "a convergence of all our of financial resources to that device." To avoid hacking, he told CNBC to "go to the places you trust" and "be careful about what information you hand-over."

In response to 2014's "worst passwords", SplashData advises its customers to do at least one of four things when it comes to password protection:

  1. Try not to use the exact username and password for a number of sites.
  2. Use a "password manager" which creates unique passwords for its users.
  3. And of course, passwords should contain more than eight characters, with multiple types of symbols.
  4. Personal information such as birthdays or favorite hobbies should be avoided, with terms like "Yankees", "lakers" and "football" all featuring in the Top 100.

Read MoreForget passwordsand pins, your body is now a key

SplashData's "Worst Passwords of 2014"

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty
  6. 1234567890
  7. 1234
  8. baseball
  9. dragon
  10. football
  11. 1234567
  12. monkey
  13. letmein
  14. abc123
  15. 111111
  16. mustang
  17. access
  18. shadow
  19. master
  20. michael
  21. superman
  22. 696969
  23. 123123
  24. batman
  25. trustno1