Study finds we're still terrible with passwords

Breaking news: we still do a really bad job creating secure passwords.

According to SplashData's fifth annual list of the worst passwords, the top two are "123456" and "password." To show how little has changed with password making: those two choices have been the top two most popular since SplashData started the list in 2011.

The report is compiled using 2 million passwords leaked during the year.

Rounding out the top 5: "12345678," "qwerty," and "12345."

Star Wars had an impact on users' password choices, with three entries boasting connections to the movie franchise -- fresh off the launch of December's Star Wars: The Force Awakens -- "princess," "solo," and "starwars."

"We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers,” said Morgan Slain, CEO of SplashData, in a statement released Tuesday. “As we see on the list, using common sports and pop culture terms is also a bad idea."

SplashData does offer tips on improving password etiquette, such as using a password manager like Dashlane or LastPass, and avoid using the same password for multiple sites.

Fortunately, some tech companies are testing ways to remove the need for a password altogether. Yahoo introduced an Account Key for its Mail app that leverages push notifications to access email without a password. Google is reportedly testing a similar login process.

Follow Brett Molina on Twitter: @brettmolina23.