How to get employees off the world’s worst password list

Last updated: 29 January 2016

Brace yourselves, security professionals – the 25 worst passwords have been revealed, and there are some genuine shockers.

According to SplashData, who’ve analyzed a large number of leaked passwords to determine the most used words and phrases, the most common passwords are ‘123456’ and ‘password’. So, if James Bond ever misses his customary briefing from Q and needs to break into a supervillain’s computer, he’ll stand a good chance by just typing in ‘password’. Not exactly a thrilling Bond finale, is it? That’s the situation we’re facing, people! Here’s the top ten:

[Image: rankings of the top ten worst passwords]

As you’ll know from reading our blog, enterprise security has been a big issue lately, with telecoms giant TalkTalk the most recent to fall victim to a serious data breach. Not only do bad passwords put data at risk, but so do good ones: the problem is they rely on static information, so if they fall into a cybercriminal’s hands, a successful attack is likely. Faced with multiple cyber-threats, we think traditional passwords are now obsolete, unless combined with another layer of protection. Fortunately, there are other options on the table, such as multi-factor authentication.

Knights wouldn’t go into battle with just a shield. No, that’d be too predictable and easy to overcome! They’d have armour, a helmet, perhaps a circle of bodyguards. The same principle applies to authentication. More security tools and greater unpredictability make a cyber-attacker’s job much more difficult. Traditional passwords can be combined with tokens, one-time passwords, or smart cards to add extra layers of security.

We’re pleased to say it looks like multi-factor authentication is becoming the norm – 38% of companies use it today, and this is expected to reach 51% in two years. It’s just as well, because the demand for mobile working is going to create more security problems, and traditional password systems are simply not going to be adequate.

Provided more companies adopt multi-factor authentication and enforce strong passwords, hopefully we’ll see an end to lazy passwords like ‘123456’ and ‘password’ being the focus of cyber breaches in the future. What’s your view on the world’s worst passwords rankings? Let us know by tweeting us at @Gemalto or posting a comment below.