If you’re still wondering whether “123456” would make a strong password, the answer is still no.
The all-too-easy numerical sequence has been named by security appliance firm SplashData as the worst password of 2015, defined by the company as the most commonly-used phrase out of 2 million leaked passwords, which put users at risk of hacking and identity theft due to weak, easily-guessed combinations.
SplashData’s findings also revealed “password” was the second-worst choice of 2015. Other bad choices included sports (“football” and “baseball” rank in the top 10) and Star Wars references (with “princess,” “solo,” and “starwars” coming in as new entrants into the top 25). “123456” and “password” were also No. 1 and 2 last year.
“As we see on the list, using common sports and pop culture terms is also a bad idea,” Morgan Slain, CEO of SplashData, said in a statement.
The importance of increasing security around personal information online has shot up due to the rise in data breaches and cyberattacks over recent years. Last year, around 480 million personal data records were leaked according to one estimate, which included high-profile data breaches at extramarital affairs site Ashley Madison and the U.S. Office of Personnel Management.