The security firm SplashData publishes its list of the 25 worst passwords of 2013.

Thanks to the Adobe security breach last year, which exposed the IDs and encrypted passwords for 38 million Adobe.com users, we now know that probably the most usual password on the web is “123456.”

As such, SplashData, a working laptop or computer security firm that makes password management apps, recognized “123456” because the “Worst Password of 2013.” The corporate says its list of the 25 worst passwords relies at the frequency of passwords found online by reason of disclosures — largely but not exclusively from the Adobe incident. The convenience with which these passwords can be cracked using brute-force methods shouldn’t be taken under consideration.

A two-time runner-up, “123456” has dethroned “password,” a native favorite using its jaw-dropping obviousness and its always amusing self-referential nature. It slipped only to No. 2 at the list and will regain the pinnacle spot if consumer disinterest in security continues this year, because it has for many years. Computer buyers have neglected security kind of since personal computers became popular inside the 1980s.

[Want more password tips? Read Sweet Password Security Strategy: Honeywords.]

Coming in at No. 3 (unchanged from last year), now we have “12345678.” What’s unclear is why more people surrender after typing eight digits than bother persevering to “123456789” and “1234567890,” which occupy the No. 6 and No. 13 spots, respectively. Inexplicably, “1234567” shows up at No. 8.

At No. 4, we discover “qwerty,” which, like “123456,” includes six characters of similar obviousness — someone figured having a password spelled out at the keyboard would make a convenient mnemonic. Why six characters? Perhaps within the vain hope of keeping out hackers who surrender after exhausting their default configuration of 5 fingers. Another dismal password, “111111” (No. 7 at the list), also sports six characters.

The No. 5 password, “abc123,” shows computer users mixing up letters and numbers. It is the start of a workable computer security strategy, though that is not enough to maintain the password from being awful and obvious.

At No. 9, there’s the unexpected but still insecure “iloveyou.” Adorable though it would be, it suggests two people sharing a user account, which is not really an advisable security practice. Alternately, it hints at someone with a misplaced affinity for technology who really should get out more.

At No. 10 is “adobe123,” earlier than “photoshop,” at No. 15. Neither entry comes on the subject of being secure — doubly in order passwords on Adobe.com.

This year will mark the 10th anniversary of the Bill Gates prediction “Through the years, persons are going to rely less and fewer on passwords.” Finally, after a decade, the needle is beginning to move. We’re commencing to see how to enhance the weak security offered by passwords. Google and Twitter are using two-factor authentication. Facebook offers something similar with its Login Approvals. And Apple has introduced the Touch ID biometric authentication system with its iPhone 5S.

Even so, expect another such list on the end of 2014. Bad passwords will remain an argument for future years.

Thomas Claburn is editor-at-large for InformationWeek. He have been writing about business and technology since 1996 for publications akin to New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. He’s the writer of a science fiction novel, Reflecting Fires, and his mobile game Blocfall Free is out there for iOS, Android, and Kindle Fire.

InformationWeek Conference is an exclusive two-day event happening at Interop where you’ll be able to join fellow technology leaders and CIOs for a packed schedule with learning, information sharing, professional networking, and celebration. Come learn from one another and honor the nation’s leading digital businesses at our InformationWeek Elite 100 Awards Ceremony and Gala. You will find out additional info and register here. In Las Vegas, March 31 to April 1, 2014.