Easy-to-Guess Passwords Are Risky

Uploaded on 2021-04-20 in TECHNOLOGY--Resilience, FREE TO VIEW

The British National Cyber Security Centre (NCSC) says that too many people are using easy-to-guess passwords, including their pet's nameThey also commonly use a family members' names, significant dates, their favourite sports team, or even 'Password',  all putting them at risk of their accounts being compromised by cyber criminals.

Cyber security experts are urging people to create harder-to-crack passwords after new research found 15% of British people use their pet’s name as a log-in. The cyber security organisation is asking people to follow best practice by creating passwords using three random words to help better secure their online accounts.

It comes after a survey commissioned by the centre, which is part of GCHQ, found that many people were using passwords made up of things which can be easily predicted – including a pet’s name (15%), the name of a family member (14%), a significant date (13%) or a favourite sports team (6%).

A shocking result of the survey is that a further 6% admitted they used the word “password” as all or part of their password.

The NCSC study also found that more than a quarter of people had set up at least four new password-protected accounts in the last year, which the organisation said further highlighted the importance of using strong passwords, with more data than ever to protect. “We may be a nation of animal lovers, but using your pet’s name as a password could make you an easy target for callous cyber criminals,” NCSC director for policy and communications Nicola Hudson said. “I would urge everybody to visit cyberaware.gov.uk and follow our guidance on setting secure passwords which recommends using passwords made up of three random words... You can even use our Cyber Action Plan tool to generate tailored, free of charge advice to improve your security against online attacks.”

The NCSC’s Cyber Aware campaign also advises the public to use a strong, separate password for a user’s main email account and to save passwords in a web browser to help with managing them. The National Cyber Security Centre (NCSC) also argues that such passwords can make it easier for hackers to force their way into people’s accounts by simply guessing common pet names.

The NCSC  is advising people to follow ‘best practice’ by creating passwords using three random words to help better secure their online accounts rather than using just two, like ‘maddy_Mijas’ after a cat!

The top of the list of commonly used passwords was 123456, appearing more than 23 million times. The second-most popular string, 123456789, was not much harder to crack, while others in the top five included ‘qwerty’, ‘password’ and 1111111.

The most common name to be used in passwords was Ashley, followed by Michael, Daniel, Jessica and Charlie. When it comes to Premier League football teams in guessable passwords, Liverpool are ‘champions’ with Chelsea are second, Blink-182 topped the charts of music acts.

NCSC:          Kent Live:      In Your Area:     The Star:      Euro Weekly:    ZDNet

You Might Also Read: 

PIN Authentication Significantly Reduces Cyber Attacks & Data Breaches

 

« Significant Growth In State-Sponsored Cyber Attacks
Darktrace Plans Stock Market Debut »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

Red Hat

Red Hat

Red Hat is a leader in open source software development. Our software security team proactively identifies weaknesses before they become problems.

Keyfactor

Keyfactor

Keyfactor is a leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform seamlessly orchestrates every key and certificate across the enterprise.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

Applied Risk

Applied Risk

Applied Risk is an established leader in Industrial Control Systems security, focused on critical infrastructure security and combating security breaches that pose a significant threat.

Applied Security (APSEC)

Applied Security (APSEC)

APSEC provides products and services in the areas of encryption, digital signature, authentication and data loss prevention.

Myra Security

Myra Security

Myra technology monitors, analyzes, and filters malicious internet traffic before virtual attacks can do any real harm.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

ISARR

ISARR

The ISARR software platform - your bespoke Risk, Resilience & Security Management solution. Simple, cost effective and adaptable, now and into the future.

Norma Inc.

Norma Inc.

Norma provides the secured wireless environment (WiFi and Bluetooth) with the unauthorized AP detection, and secures your IoT assets from various threats.

Brace168

Brace168

Specialising in Cyber Security incident identification and response, Brace168 is uniquely positioned to provide a vast experience in managed security services to meet the needs of all business types.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

VENZA

VENZA

VENZA is a data protection company that can help organisations mitigate their vulnerabilities and ensure compliance, keeping guests and their data safe from breaches.

Neo Auth

Neo Auth

Neo Auth is an identity and access management solution to help organizations optimize their cybersecurity processes.

Neptune Shield

Neptune Shield

Neptune Shield's mission is to deliver cutting edge Maritime focused Cyber Security & Threat Protection through our Hampton Roads based Tech & Cyber Security Hub.