Easy-to-Guess Passwords Are Risky

The British National Cyber Security Centre (NCSC) says that too many people are using easy-to-guess passwords, including their pet's nameThey also commonly use a family members' names, significant dates, their favourite sports team, or even 'Password',  all putting them at risk of their accounts being compromised by cyber criminals.

Cyber security experts are urging people to create harder-to-crack passwords after new research found 15% of British people use their pet’s name as a log-in. The cyber security organisation is asking people to follow best practice by creating passwords using three random words to help better secure their online accounts.

It comes after a survey commissioned by the centre, which is part of GCHQ, found that many people were using passwords made up of things which can be easily predicted – including a pet’s name (15%), the name of a family member (14%), a significant date (13%) or a favourite sports team (6%).

A shocking result of the survey is that a further 6% admitted they used the word “password” as all or part of their password.

The NCSC study also found that more than a quarter of people had set up at least four new password-protected accounts in the last year, which the organisation said further highlighted the importance of using strong passwords, with more data than ever to protect. “We may be a nation of animal lovers, but using your pet’s name as a password could make you an easy target for callous cyber criminals,” NCSC director for policy and communications Nicola Hudson said. “I would urge everybody to visit cyberaware.gov.uk and follow our guidance on setting secure passwords which recommends using passwords made up of three random words... You can even use our Cyber Action Plan tool to generate tailored, free of charge advice to improve your security against online attacks.”

The NCSC’s Cyber Aware campaign also advises the public to use a strong, separate password for a user’s main email account and to save passwords in a web browser to help with managing them. The National Cyber Security Centre (NCSC) also argues that such passwords can make it easier for hackers to force their way into people’s accounts by simply guessing common pet names.

The NCSC  is advising people to follow ‘best practice’ by creating passwords using three random words to help better secure their online accounts rather than using just two, like ‘maddy_Mijas’ after a cat!

The top of the list of commonly used passwords was 123456, appearing more than 23 million times. The second-most popular string, 123456789, was not much harder to crack, while others in the top five included ‘qwerty’, ‘password’ and 1111111.

The most common name to be used in passwords was Ashley, followed by Michael, Daniel, Jessica and Charlie. When it comes to Premier League football teams in guessable passwords, Liverpool are ‘champions’ with Chelsea are second, Blink-182 topped the charts of music acts.

NCSC:          Kent Live:      In Your Area:     The Star:      Euro Weekly:    ZDNet

You Might Also Read: 

PIN Authentication Significantly Reduces Cyber Attacks & Data Breaches

 

« Significant Growth In State-Sponsored Cyber Attacks
Darktrace Plans Stock Market Debut »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Dataguise

Dataguise

Dataguise provides a data-centric security solution to detect, protect, and monitor sensitive data in real time across all data repositories, both on premises and in the cloud.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

Tevora

Tevora

Tevora is a specialized management consultancy focused on cyber security, risk, and compliance services.

Cofrac

Cofrac

Cofrac is the national accreditation body for France. The directory of members provides details of organisations offering certification services for ISO 27001.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

MISP Project

MISP Project

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

Spamhaus

Spamhaus

Spamhaus is the world leader in supplying realtime highly accurate threat intelligence to the Internet's major networks.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

Zyston

Zyston

Zyston's solutions provide end-to-end management of your cybersecurity needs. Our range of services help protect your business where it needs it the most.

Smile Identity

Smile Identity

Smile Identity helps businesses confirm the true identity of their users in real-time using any smartphone or computer.

BreakPoint Labs

BreakPoint Labs

BreakPoint Labs is dedicated to providing the methods and means for sustainable, measurable, and effective cybersecurity operations.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.