World Password Day is a timely reminder that password security is a fundamental component of any successful cybersecurity strategy. Every week we report on notable breaches and intrusions, and inevitably stolen, cracked or badly created passwords are to blame – 80% of data breaches in 2019 were caused by password compromise.
Bad passwords are bad news and it pays to pay attention to what makes a password good or bad. What we’ve uncovered in our analysis of common password mistakes should be of particular interest to people named George, Disney fans, and sports fans (we’re looking at you University of Alabama Crimson Tide fans).
In honor of World Password Day, here’s a look at five big mistakes that users can make when choosing a password, plus two ways to stop bad passwords from putting your data and systems at risk.
Showing your team spirit
Wear your team pride on your sleeve but keep it out of your password. Using a popular sports team or slogan in your password is about as smart as tagging your mascot in on defense.
Even using sports in general
Sports fans can quickly find themselves on the receiving end of a penalty like a data breach with these insecure passwords – and America’s favorite pastime is a favorite here too.
Turning to superheroes or animated characters
You’ll be more frustrated than Rabbit after Tigger bounces through his carrot patch if using a character’s name as your password leads to your data becoming compromised.
Shouting out songs and bands
Yes, it’s smart to use multiple characters, letters, and numbers in your password, but you’re only scoring a hit for cybercriminals with these 5 chart-topping bad passwords.
5. 8675309 (bet you said “nii-eee-iiine” when you read that)
Playing the name game
By George, don’t use common first names when creating passwords. It’s far too easy for cybercriminals to leverage social media or baby name trends to maximize on monikers.
While education and complexity can help combat the scourge of bad passwords, they’re almost inevitably still going to be a problem. A recent Dark Web dump revealed that 40+ staffers at the World Health Organization were using “password” as their password!
Mitigate the risk of a password-related data breach or other cybersecurity disasters by adding two simple yet effective tools to your arsenal that can notch major wins for both your defensive strategy and your IT budget.
Use Multifactor Authentication
Multifactor authentication (MFA) is the single easiest way to defang a bad password. Passly is our new remote-ready secure identity and access management solution that combines MFA with other tools including single sign-on and secure password storage vaults to deliver powerful protection at an excellent value.
Watch the Dark Web
It’s easier to protect companies against intrusion from stolen or cracked passwords if you know that the bad guys already have them. Password dumps containing thousands of passwords drop on the Dark Web every day. Be forewarned and forearmed with Dark Web ID to be informed immediately if yours are hitting the market (or already there) to prevent a system break-in that can break the bank.
Celebrate World Password Day by reviewing your password and login protection strategy to see if it’s time for an update, especially as remote work adds major new cybersecurity risks.