A new research paper has listed the top-ten least-secure passwords currently in use online.

Published by Lancaster University in collaboration with China's Fujian Normal University and Peking University, the study is based on a leaked Yahoo database of personal information. 

The most popular password favored by Yahoo users was “123456.” The second most common was the brilliant “password.” This was followed by “welcome” in third, and “ninja” in fourth position.

The next two passwords on the list are actual words - “sunshine” (eighth) and “princess” (ninth) – while the final place is occupied by word “qwerty.”

Dr. Jeff Yan, co-author of a paper on password cracking and a senior computing lecturer at Lancaster University in the UK, compiled the list. He told the Daily Mail Online: Why do [some] use such obvious passwords? A main reason I think is that they’re either unaware of or don’t understand the risks of online security. Just like everybody knows what one should do when red lights are on in the road, eventually everybody will know 123456 or the like is not a good password choice."

In addition to revealing the commonly-used passwords, the University researchers, along with those from China’s Peking and Fujian Normal Universities, created algorithms that can crack passwords.

Based on attackers having access to different personal information, they guessed passwords for more than 73 percent of users’ accounts. A third of their passwords were cracked within 100 guesses.

The top ten most commonly used passwords were:

  1. 123456
  2. password
  3. welcome
  4. ninja
  5. abc123
  6. 123456789
  7. 12345678
  8. sunshine
  9. princess
  10. qwerty