Image: © AFP
According to an IBM report, in 2022, stolen or compromised credentials remained the most common cause of a data breach in companies, accounting for 19 percent. Jonas Karklys, CEO of NordPass says that by implementing a few cybersecurity measures, businesses could avoid many cybersecurity incidents.
This includes addressing weak and easily hackable passwords. A survey by NordPass finds that 32 percent of wealthiest businesses’ passwords directly reference the name of company, opening the way for passwords to be easily hacked.
The poor passwords list was compiled in partnership with a third-party company specializing in cybersecurity incidents’ research. Researchers analyzed data that affected the world’s 500 largest companies by their market capitalization. The analyzed data was categorized into 20 different industries. The researchers looked into the top 20 passwords used in each industry.
The analysis of the world’s wealthiest companies’ passwords was conducted in partnership with independent third-party researchers specializing in research on cybersecurity incidents. They looked into the world’s 500 largest companies by their market capitalization, which represented 31 countries and 20 industries.
The United States (46.2 percent), China (9.6 percent), Japan (5.8 percent), India (4.2 percent), the United Kingdom (4 percent), France (3.8 percent), and Canada (3.6 percent) are the countries most represented in this research. Also, most of the companies analyzed fell under the finance, technology and IT, and health care sectors.
The review found that all of the 20 analyzed industries had both “password” and “12345” among the top 7 most commonly used passwords. In terms of more specific selections, the largest companies prefer “dummies,” “vacation,” and “sexy4sho” for their passwords.
To avoid these mistakes, Karklys provides the following advice:
Ensure company passwords are strong.
They should consist of random combinations of at least 20 upper- and lower-case letters, numbers, and special characters.
Enable multi-factor authentication or single sign-on.
While the MFA set up on another device, connected with email or SMS codes guarantees an additional layer of security, single sign-on functionality helps reduce the number of passwords people have to manage.
Critically evaluate whom to grant account credentials.
Access privileges should be removed from people leaving the company and passed on only to those who are in need of certain access.
Deploy a password manager.
With a business solution, companies can safely store all their passwords in one place, share them within the organization, ensure their strength, and effectively manage access privileges.
