Experts say that the average person has 19 passwords, with more than a third of us having weak passwords, and 63 per cent of all data breaches involving those weak or stolen passwords.
At TELUS, our security experts see that weak passwords typically fall into one of these four behavioural categories, making them easy to breach:
The advocate: Someone who is loyal to their work, has a sense of corporate pride, and uses their company name in the password (e.g., TELUS888). This password can easily be guessed, and can be a common practice at some companies. Avoid the risk and keep your company name out of your passwords.
The number cruncher: Someone who had to think of a password on the spot, and uses a string of numbers in sequence for their password (e.g., 98765432). It’s very important to use letters and special characters to keep the strength of your password up.
The typist: Someone with so many passwords that they can’t be creative anymore, and uses the keyboard to create a password with neighbouring keys (e.g., 1qaz2wsx) – which is just as easy to crack as 1234.
The season sponsor: Someone who bases their password updates on the season they’re in, and uses spring, summer, fall and winter references for quarterly password changes (e.g., Summer16). These passwords may be easy to remember, but they are even easier to crack.
Hackers are extremely resourceful and use sophisticated methods to guess even the most complicated passwords, and they keep getting better at it. It used to take a few weeks to break a password, but today it can happen in a few seconds. These password trends are well known to hackers, so creating passwords that fall into these categories leaves the door wide open for them.
Security experts at TELUS have solutions to protect Canadian businesses from cyber-attacks, and advise avoiding these four password behaviours as much as possible. As crass as it may sound, we recommend treating passwords like underwear: change them often, don’t leave them lying around on your desk and don’t lend them to anyone (hey, you’ll never forget that, right?). Whether it’s a personal or corporate password, one thing remains the same: avoid these common password pitfalls and ensure your passwords are as strong as they can be to avoid putting you and your company at risk.
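The four behaviours described above can be screened for at the moment a password is chosen. The check below is an added example, not TELUS code: the function names are illustrative, and it assumes a US QWERTY keyboard and a caller-supplied list of organisation names.

```python
import re

# Assumption: US QWERTY layout. Columns read top to bottom (1qaz, 2wsx, ...).
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
COLUMNS = ["".join(r[i] for r in ROWS if i < len(r)) for i in range(10)]
LINES = [s for line in ROWS + COLUMNS for s in (line, line[::-1])]

# Season word, optional separator, 2- or 4-digit year, optional trailing symbols.
SEASON_RE = re.compile(
    r"^(spring|summer|fall|winter)[\W_]?(\d{2}|\d{4})[\W_]*$", re.I)


def is_digit_sequence(pw):
    """True for all-digit strings that count up or down by one (0 follows 9)."""
    if not pw.isdigit() or len(pw) < 3:
        return False
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pw, pw[1:])}
    return steps in ({1}, {9})


def is_keyboard_walk(pw, min_run=3):
    """True when the whole string splits into runs of neighbouring keys."""
    pw, i = pw.lower(), 0
    if len(pw) < min_run or pw.isdigit():  # digit runs are reported separately
        return False
    while i < len(pw):
        # Longest run starting at i that lies along one row or column.
        run = max((n for n in range(min_run, len(pw) - i + 1)
                   if any(pw[i:i + n] in line for line in LINES)), default=0)
        if run == 0:
            return False
        i += run
    return True


def weak_categories(pw, org_names=()):
    """Return the article's category names that a candidate password matches."""
    hits = []
    if any(n and n.lower() in pw.lower() for n in org_names):
        hits.append("advocate")
    if is_digit_sequence(pw):
        hits.append("number cruncher")
    if is_keyboard_walk(pw):
        hits.append("typist")
    if SEASON_RE.match(pw):
        hits.append("season sponsor")
    return hits
```

A password-change form can reject any candidate for which `weak_categories` returns a non-empty list; an empty list only means none of these four patterns matched, not that the password is strong.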
Peter Romano is the Director of Corporate Security at TELUS.