SplashData, a purveyor of password managers, has produced its annual list of the year’s worst passwords.
The top ten are
I guess we should all be shocked at how poor these passwords are. However, there’s no breakdown of which sites these passwords came from.
If they are all from bank accounts then, yes—OMG! However, if the bulk of them are from “sign up to read this article” sites then, meh. If I create an account just to download a free PDF, I don’t care in the slightest if my account is hacked.
To draw conclusions about behavior we need to play close attention to context.