Although we are in 2019, many of us are still unaware of, or completely ignore, the basics of password hygiene. SplashData, the password management specialist, released the ‘World’s Worst Passwords of the Year’ list. It contains the worst passwords that people use and the frequency with which these passwords occur.
Worst Passwords Ever
According to that list, 10 percent of internet users have used, or still use, one of the top 25 passwords. The worst password ever, ‘123456’, is still being used by almost 3 percent of people. Other popular choices included passwords that are easy to use and remember, like ‘qwerty’ and ‘abc123’. Another popular category was common phrases, with ‘password’ and ‘iloveyou’ topping the charts.
Celebrity names have always been a favorite, and the trend is continuing even now. Just a look at your social profile can help someone guess your password easily. If you’ve got a page full of soccer posts, then don’t ever use the password ‘lionelmessi10’, as it is a dead giveaway. So is a password based on a United States president’s name (‘donald’ was ranked the 23rd worst password).
So what if you have a bad password?
Having a bad password completely defeats the purpose of the password. Your password is the first barrier between your network and a hacker. It’s what keeps the hacker away from your system, network, devices and especially your data.
Here is how you are exposed when you have a bad password:
Brute force attacks
When we think of hackers, we usually imagine a person sitting in a basement, wearing big, thick glasses and trying different combinations of passwords. That is not the case at all. Nowadays, what you will usually encounter is a brute force attack. As security systems have grown and developed, hackers have updated themselves as well. Now they employ a cracking tool that works through multiple combinations of usernames and passwords until it finds the right one.
When was your last hygiene check?
Now, you would never use any of the passwords mentioned above, and you would never forget to change your password regularly. But one person is not the issue. The issue is making sure that the entire company follows the same security policy, and password hygiene is a big part of it.
Define a clear Password Policy
Make sure that your employees keep the following in mind:
• Length and characters. Use a password that is at least 12 characters long and has some special characters in it.
• Uniqueness. Make sure that you don’t have the same password for every tool.
• Secure Passwords. If you leave the selection of passwords to non-technical staff, then rest assured that there will be someone who has ‘123456’ as their favorite password.
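The three rules above can be enforced automatically when a password is set. The following is an added example, not code from the original article: it checks length, special characters and the worst passwords named in this post, and reports tools that share a password. The function names, the `profile_words` parameter and the stripping of trailing digits are assumptions made for illustration.

```python
import string

# Passwords this article names as worst or most guessable.
WORST_PASSWORDS = {
    "123456", "qwerty", "abc123", "password",
    "iloveyou", "donald", "lionelmessi10",
}
MIN_LENGTH = 12  # "at least 12 characters long"


def check_password(candidate, profile_words=()):
    """Return the list of policy violations; an empty list means acceptable."""
    problems = []
    lowered = candidate.lower()
    if len(candidate) < MIN_LENGTH:
        problems.append("too_short")
    if not any(ch in string.punctuation for ch in candidate):
        problems.append("no_special_character")
    # Assumption: 'Password2019!' is still 'password' to a guessing tool, so
    # trailing digits and punctuation are stripped before the list lookup.
    base = lowered.rstrip(string.digits + string.punctuation)
    if lowered in WORST_PASSWORDS or base in WORST_PASSWORDS:
        problems.append("on_worst_list")
    # Assumption: profile_words holds terms visible on the user's social profile.
    if any(len(w) >= 4 and w.lower() in lowered for w in profile_words):
        problems.append("contains_profile_word")
    return problems


def find_reuse(passwords_by_tool):
    """Return groups of tool names that share one password (uniqueness rule)."""
    tools_by_password = {}
    for tool, password in passwords_by_tool.items():
        tools_by_password.setdefault(password, []).append(tool)
    return sorted(sorted(t) for t in tools_by_password.values() if len(t) > 1)


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ("123456", "Password2019!", "tidal-Copper-lantern-47"):
        print(pw, check_password(pw))
```

Note that ‘Password2019!’ meets the length and special-character rules yet is still rejected, which is why the list lookup matters alongside the first rule.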
Look Beyond the Password
Let’s face the facts here. You cannot depend on your password alone anymore. One of the things that you should look into is a Security Management System that can alert you when someone tries to gain unlawful pathways into your system, i.e. repeated or failed login attempts. Another thing that you should do is stop relying on a single system-wide security tool and integrate individual security tools, like data security systems. Make sure that you include biometrics in your new security features, as they are much harder to crack or duplicate.