Is “password” your password?

Despite the obvious insecurity in using the word "password" as your password, it’s the most popular (and least secure) password used on the Internet, according to a new list published by SplashData.

The Internet security firm’s annual list of scary logins comes just in time for Halloween -- with a warning. Anyone caught using these lame passwords is most likely already or soon to be the victim of a security breach.

"At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password,” said Morgan Slain, SplashData CEO.

[pullquote]

“We're hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites."

Several high profile password hacking incidents dotted headlines in 2012, including a handlful at major sites including Yahoo, LinkedIn, eHarmony, and Last.fm.

But despite these -- and the publicity created around the 2011 list of the worst Internet passwords -- little has changed, SplashData noted: The top three passwords, "password," "123456," and "12345678," remain unchanged from last year's list.

New entries to this year's list include "welcome, " "jesus," "ninja," "mustang, " and "password1."

SplashData, provider of the SplashID Safe line of password management applications, releases its annual list in an effort to encourage the adoption of stronger passwords. It culls the list from millions of stolen passwords posted online by hackers.