Home Science & Technology Even C-suite executives use horrible passwords such as “123456”

Even C-suite executives use horrible passwords such as “123456”

105
0


Many high-level executives and business owners rely on weak and simple passwords, making their companies more vulnerable to data hacking, NordPass says.

Image: jamdesign / Adobe Stock

No matter how often we are encouraged to use strong and strong passwords to protect our accounts, many people still do not understand this message. And it’s not just the case with regular website users and employees: a report released Tuesday by NordPass Password Manager looks at how even C-suite executives and business owners are trying to protect their accounts with some of the most dangerous passwords that can only be imagined.

For his report «The most popular passwords used by business executives”, NordPass has partnered with independent researchers to compile a list of passwords hacked as a result of more than 290 million data hacks worldwide. Passwords were classified according to job title and industry because the study focused on those found among CEOs, C-Suite executives, business owners, and managers.

The ever-popular and always-vulnerable “123456” received the highest award as the most common password on the list, found more than 1 million times. Password “password” came in second among four different types of roles revealed more than 700,000 times. From there, the list diverged depending on the title of the post.

“12345” was the third most common password for CEOs and level C executives and the fourth most common password for business owners and managers. Next, “123456789” was the fourth most popular among CEOs and managers of level C and the third most popular for business owners and managers.

To complete the top five, an easy-to-recruit but easy-to-compromise “qwerty” ranked fifth among CEOs and managers. “1234” ranked fifth among business owners, and “Password” with a capital letter ranked fifth among managers. Other passwords at the top of the list included “qwerty123”, “1q2w3e”, “111111”, “abc123” and “123123”.

But it wasn’t just easy to type and easy to memorize letters and numbers that appeared as passwords. Many executives, managers and business owners have resorted to popular names.

The two most common names used as passwords were “tiffany” and “charlie”. However, “Michelle”, “Ashley” and “Jennifer” also deserved their places. Also on the list were “Michael” and “Jordan”, probably adopted by business executives who are also basketball fans. Even animals came into play, both real and imaginary, with passwords such as “dragon” and “monkey”.

WATCH: Password cracking: why pop culture and passwords don’t mix (free PDF) (TechRepublic)

Although many of the passwords found were ridiculously bad, the consequences of using such passwords are not ridiculous. In the event of data hacking, hackers can use brute force tools to retrieve these passwords in less than a second, opening the door to capture accounts and trade-offs. And the danger is even greater when high-level executives use weak passwords, as such accounts can be the key to unlocking confidential and proprietary data.

To protect your organization from the dangers of weak and simple passwords, NordPass offers a few tips.

Use a password manager. Trying to come up with and remember a strong and unique password for each account is impossible without help. Password Manager will create, store and apply strong passwords for all your accounts. Most from above password managers are available in business versions or in corporate versions that organizations can deploy and manage for all employees.

Cybersecurity stress training. Because weak passwords and other errors can lead to data hacking, invest in the right type of security training for all employees. Emphasize the importance of using strong passwords to protect user accounts as well as company data.

Implementation of multifactor authentication. The Foreign Ministry adds a vital level of protection. Even if the account password is leaked or stolen, an attacker cannot use it to log in without this second form of verification from a mobile device or security key.

Previous articleStrategizing an efficient renewable energy portfolio
Next articleНовыя рэгіёны развіваюцца, каб здабываць больш нафты на фоне заклікаў урада да павелічэння вытворчасці