Easy-to-Guess Passwords Are Risky

Uploaded on 2021-04-20 in TECHNOLOGY--Resilience, FREE TO VIEW

The British National Cyber Security Centre (NCSC) says that too many people are using easy-to-guess passwords, including their pet's nameThey also commonly use a family members' names, significant dates, their favourite sports team, or even 'Password',  all putting them at risk of their accounts being compromised by cyber criminals.

Cyber security experts are urging people to create harder-to-crack passwords after new research found 15% of British people use their pet’s name as a log-in. The cyber security organisation is asking people to follow best practice by creating passwords using three random words to help better secure their online accounts.

It comes after a survey commissioned by the centre, which is part of GCHQ, found that many people were using passwords made up of things which can be easily predicted – including a pet’s name (15%), the name of a family member (14%), a significant date (13%) or a favourite sports team (6%).

A shocking result of the survey is that a further 6% admitted they used the word “password” as all or part of their password.

The NCSC study also found that more than a quarter of people had set up at least four new password-protected accounts in the last year, which the organisation said further highlighted the importance of using strong passwords, with more data than ever to protect. “We may be a nation of animal lovers, but using your pet’s name as a password could make you an easy target for callous cyber criminals,” NCSC director for policy and communications Nicola Hudson said. “I would urge everybody to visit cyberaware.gov.uk and follow our guidance on setting secure passwords which recommends using passwords made up of three random words... You can even use our Cyber Action Plan tool to generate tailored, free of charge advice to improve your security against online attacks.”

The NCSC’s Cyber Aware campaign also advises the public to use a strong, separate password for a user’s main email account and to save passwords in a web browser to help with managing them. The National Cyber Security Centre (NCSC) also argues that such passwords can make it easier for hackers to force their way into people’s accounts by simply guessing common pet names.

The NCSC  is advising people to follow ‘best practice’ by creating passwords using three random words to help better secure their online accounts rather than using just two, like ‘maddy_Mijas’ after a cat!

The top of the list of commonly used passwords was 123456, appearing more than 23 million times. The second-most popular string, 123456789, was not much harder to crack, while others in the top five included ‘qwerty’, ‘password’ and 1111111.

The most common name to be used in passwords was Ashley, followed by Michael, Daniel, Jessica and Charlie. When it comes to Premier League football teams in guessable passwords, Liverpool are ‘champions’ with Chelsea are second, Blink-182 topped the charts of music acts.

NCSC:          Kent Live:      In Your Area:     The Star:      Euro Weekly:    ZDNet

You Might Also Read: 

PIN Authentication Significantly Reduces Cyber Attacks & Data Breaches

 

« Significant Growth In State-Sponsored Cyber Attacks
Darktrace Plans Stock Market Debut »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Backup Technology

Backup Technology

Backup Technology is a world leader in the Online Cloud Backup, Disaster Recovery and Business Continuity market.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

Cybertrust Japan

Cybertrust Japan

Cybertrust Japan provides a comprehensive security certification and digital authentication service, enabling customers to build and manage highly secure IT infrastructures.

Cyber Academy

Cyber Academy

Cyber Academy is one of the first institutions in the SE Europe region that provides a hands-on program in cyber security, blockchain and AI.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Insight Partners

Insight Partners

Insight Partners is a leading global private equity and venture capital firm investing in growth-stage technology, software and Internet businesses.

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange is an intellectual hub and community of researchers with the common goal of advancing academic and industrial efforts in the science and engineering of quantum information.

StackHawk

StackHawk

StackHawk is built to help dev teams ship secure code. Find and fix bugs early before they become vulnerabilities in production.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Central Intelligence Agency (CIA) - USA

Central Intelligence Agency (CIA) - USA

The CIA is an independent agency responsible for providing national security intelligence to senior US policymakers. This includes cyber security related activities.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

Eqlipse Technologies

Eqlipse Technologies

Eqlipse Technologies provides products and high-end engineering solutions to customers in the Department of Defense and Intelligence Community.

BreakPoint Labs

BreakPoint Labs

BreakPoint Labs is dedicated to providing the methods and means for sustainable, measurable, and effective cybersecurity operations.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CoNetrix

CoNetrix

CoNetrix is a full service computer networking, software development, and security and compliance firm built on the principles of integrity, innovation, and initiative.