A compelling case to change all those finance passwords pronto
You know what makes a bad password: 12345, 11111 or even password itself! But there’s new research on the passwords that get hacked the most often. And they’re different from the usual suspects.
More importantly: This new list offers some new insight into how your people may be picking codes that lead hackers right into your company’s sensitive systems.
Check out what they discovered so you can feel confident none of your staffers are leaning on these predictable patterns when they set their safeguards.
The not-so-great 8
A security organization in the UK analyzed which passwords were most often involved in a data breach.
Here are the eight that are more likely to open the door to cyber-crooks and that you want staffers to scrub from their rotation:
- blink182
- liverpool
- superman
- manutd
- ashley
- michael
- cowboys1, and
- iloveyou.
While this data was collected in the UK, it highlights a trend as far as what people tend to pick:
- sports teams
- musicians, and
- fictional characters.
Those are categories you want to steer employees away from when creating their passwords. Because if they can think of them, so can crooks!
And there’s more reason than ever to embrace some next-level passwords.
Earlier this year the largest personal data breach in history hit. It captured:
- 772.9 million emails
- 21.2 million passwords, and
- 1.1 billion unique combinations of email addresses and passwords.
“Collection #1” attacked personal records, but if employees use the same passwords for multiple accounts, including work ones – and many folks do! – you could have been vulnerable. Plus, some folks still share their passwords with their co-workers.
They’ll keep trying ‘til they get in
Hackers can use the stolen email and password combinations to test them across all online accounts with a technique known as “credential stuffing.”
How it works: Thieves (often via botnets) keep trying every stolen email/password combo until they can get in to a system.
Whether or not any of your people were hit by Collection #1, there’s a very valuable lesson: Have every employee immediately change any company system password that they also use on a personal account.
Free Training & Resources
White Papers
Provided by Personify Health
White Papers
Provided by Anaplan
Webinars
Provided by Yooz
Further Reading
In 2022 about a dozen states put law changes – some at the constitutional level – directly into the hands of the voters on Elec...
“I can’t wait to sit in another hour-long meeting!” — said No One. Ever. It’s bad if an employee dreads it. It’s wor...
Year after year, surveys show about half of all employees don’t tap their allotted personal time off (PTO). While some companies allo...
Businesses that let new customers sign up via a click of the mouse may be forced to make cancellation of a subscription just as easy. Th...
The demand for finance chiefs is growing. Yet more companies are replacing their CFOs. Even so, CFOs are a lot less worried about AI taking...
What company wouldn’t opt for an employee benefit that helps new families out and pays for itself in various ways? A recent report on...