This research comes just a week after President Trump’s Twitter account was easily hacked due to poor password habits. Victor Gevers, security researcher and chair of the Dutch Institute for Vulnerability Disclosure, recently revealed that he could access the Twitter account of the president, thanks to his easy-to-guess password, “maga2020!”. Cyber security is a huge concern for most modern business, and it’s only getting more troubling with remote workforces. So, let’s uncover the common mistakes Americans make with their passwords, and what solutions are available. A recent study showed that the most common password remains ‘123456’. In fact, on average, one in every 142 passwords is ‘123456’. The other major issue that tends to occur is reusing passwords on multiple sites. As soon as hackers breach a database of credentials, all online accounts using the same password are compromised. And if your password is as predictable as ‘123456’, you’re at considerable risk. Here are the key findings:
45% of Americans use passwords that are eight characters or less25% of Americans share their personal passwords with other people15% of Americans use strong password generators21% of Americans have used Trump or Biden as part of their password in 2020. More Americans use Trump (12%) than Biden (9%)14% use “COVID” in their password20% admit to dropping an f-bomb or other curse word as part of their passwords
To give you an insight into the nightmarish world of poor-security management, NordVPN evaluated the highest-profile data breaches so far in 2020. Among these, the following data breaches lifted vast numbers of passwords: Zoom credentials hack – In the first week of April 2020, more than 500,000 stolen Zoom passwords were reported to be available for sale on the dark web. Some of the credentials were given away for free, while others were sold for as little as a penny each. The credentials each contained the username, password, registered email address, host key, and personal meeting URL. Marriott social engineering attack – In March 2020, the Marriott Hotel Group suffered a huge data breach, which compromised the records of 5.2 million hotel guests. Hackers were able to draw off the data of 5.2 million guests by hacking the user credentials belonging to just two members of Marriott’s staff. easyJet credential theft – The UK-based low-cost airline easyJet announced that cybercriminals had stolen data records of 9 million customers. With Europe’s strict GDPR rules, companies that breach data protection regulations could be in for some eye-watering penalties. The law firm PGMBM filed a class action lawsuit on behalf of the affected easyJet customers for $23 billion (£18bn). So, really, our main solution is to listen to experts and change up our password habits. Below, we’ve listed a few basic rules to follow when it comes to cyber security:
Have long, strong passwords, with a mixture of numbers, letters, and special charactersDon’t reuse passwords across multiple sitesStore passwords securely – let a password manager do the hard work for youUse two-factor authenticationIf a site you use has a data breach, change your password immediately, and check you’re not re-using that password and email combination on other sites
This means you’re going to end up with a lot of passwords if you don’t reuse them, right? Well, that’s where password managers come in handy. A password manager can mitigate a lot of the stress and danger around exposed staff login details. Luckily for you, we’ve tested the most popular password managers, and found 1Password to be the best, thanks to its extensive feature set, some tempting price plans, and easy to use interface. Dashlane comes in a close second, with global favourite LastPass not far behind. According to the tech firm, their software uses machine learning to double the existing detection rate, while maintaining a 98% level of precision. This new machine-learning detection is able to detect twice the number of compromised accounts of the previous algorithm. So, there are plenty of steps we can all take to make sure our data is kept safe and sound. All you need to do now is change your habits – and steer clear of ‘123456’!
