Even Fortune 500 companies do not use secure passwords when it is common knowledge that passwords are the first line of defense. Instead, they have adopted poor password hygiene, highlighting that password security is a significant issue even among the most remarkable businesses. Early this year, researchers at NordPass – a password manager – revealed that employees in Fortune 500 companies continue to operate with simple, uncomplicated passwords. The passwords used are so easy that hackers could crack them in less than a second.
Develop proactive strategies against evolving cybersecurity threats with LIFARS.
NordPass researchers discovered it, among other things, when they analyzed data from public third-party breaches that wreaked havoc on Fortune 500 companies. Altogether, the data analyzed by NordPass experts included over 15 million violations across 17 different industries. Undoubtedly, it provided information on how Fortune 500 companies deal with their passwords.
Shocking Revelations of Research
The research indicated that even Fortune 500 companies are vulnerable to breaches because of poor password hygiene. For instance, “password” remains the most famous password across different industries. It includes the retail and e-commerce industry, technology, finance, energy, chemical industry, agriculture, media and advertising, hospitality, real estate, and HR. Similarly, other poor password hygiene practices involve using plain passwords like “123456”, “Hello123”, “sunshine,” etc. “Vacation” was the widely adopted password in the healthcare sector.
- The research revealed that the passwords that were the company’s exact name were 20%.
- The industry with the highest unique password percentile was HR, which stood at 31%.
- On the other hand, the financial services had 25%, while the telecom industry had around 20%.
Nexus of Poor Password Hygiene with the Recent Cyberattacks
NordPass gave an example of a Florida water treatment plant that faced a computer breach. It elaborated the water treatment facility was running an unsupported version of Windows without the firewall. On top of it, its employees were using the same shared TeamViewer password.
NordPass also alluded that the 2020 SolarWinds hack may have occurred because someone used the “solarwinds123” password. However, the company had rejected the claim that the weak password had any role in the success of the cyberattack. It is worth noting that a security expert reportedly warned SolarWinds of poor password hygiene. Still, it took two years to change it.
How Can You Make Your Accounts More Secure?
Here we discuss the essential tips to follow:
Use Complex Passwords and Update Them Periodically
Brute-force attacks work highly effectively against poor password hygiene. For this reason, security experts recommend making a strong password. A strong password includes at least 12 characters. It might incorporate numbers, lowercase and uppercase letters, and special symbols. At the same time, it is also necessary to schedule them for regular updates.
Educate Your Employees
It is significant to educate your employees on the importance of good password hygiene. In this day and age, education of potential risks is vital. Businesses can bring issues to light regarding why mingling personal and work passwords is dangerous for each party included. All the same, it is crucial to conduct a cybersecurity training session and set company-wide password policies.
Contact LIFARS
Poor password hygiene or weak passwords pose a serious cybersecurity threat. Hence, it is essential to take this factor seriously and ensure a company-wide password policy. Meanwhile, for cybersecurity advisory and consulting services, feel free to contact LIFARS.
References
Fortune 500 companies use passwords that are vulnerable to hack in less than a second
Hackers can crack top fortune 500 passwords in milliseconds
Passwords of Fortune 500 companies are susceptible to getting hacked in a second
Top Misfortune passwords of top Fortune 500 companies
Here is how weak passwords can put your organization at risk
Even Fortune 500 companies have poor password hygiene
