Digital Transformation

List of leaked passwords suggests people are not taking data protection seriously

Too many people seem to be using passwords that would be simple to guess.

Despite regular reminders about implementing strong passwords for data protection reasons, people all over the world are apparently not taking cyber security seriously enough.

A study published by The Register to find the top 25 most commonly leaked passwords of 2012 revealed that the top one is still ‘password’, meaning that hackers would easily be able to get through the security step.

The list was taken from data dumped online by criminals, suggesting some information could already have been stolen.

Second position in the list went to ‘123456’, while the slightly longer ‘12345678’ took third spot.

The top five was rounded off by ‘abc123’ and ‘qwerty’, while other entries included ‘jesus’, ‘football’ and ‘welcome’ – the latter was presumably lifted from the greeting screen on the computer at the time when users were asked to come up with a password.

It is potentially worrying news for companies and individuals in a year when high-profile organisations such as Yahoo! and LinkedIn have suffered security breaches, despite having measures in place to defend against them.

Furthermore, many firms are now allowing employees to take their own devices into the workplace in order to boost productivity while reducing costs.

However, if these smartphones and tablets are effectively not protected because their passwords are so bad, businesses could be putting themselves at serious risk from theft.

To counteract this, Simon Heron from Redscan recently recommended that IT users should be instructed to develop complicated passwords when registering to use networks. These should be at least eight characters long and preferably contain a mixture of upper and lower case letters mixed with numbers and special characters.

Using cloud services for backing up files that do not need to be accessed regularly may be a great way of storing data, but employees must ensure they are taking appropriate precautions to prevent their information being compromised.

By implementing a policy to promote the need for workers to install the necessary protective software on their devices and use strong passwords, companies can reduce the risk of leaving confidential files exposed.