It’s something that we’re all regularly warned about, but it seems that even top executives are still using passwords that are very easy to guess.
New research by NordPass has revealed the most popular passwords used by CEOs – with ‘123456’ and ‘password’ continuing to top the list.
Names and mythical creatures are also very commonly used, with ‘Michael’, ‘Jordans’ and ‘dragon’ featuring in the top list.
Top 10 passwords used by CEOs
The list of top passwords used by CEOs was compiled by NordPass in partnership with independent researchers specialising in research about cybersecurity incidents.
The team analysed over 290 million data breaches worldwide, before grouping passwords according to job title and industry.
Among the fields affected, technology, finance, construction, healthcare, and hospitality were shown to experience the most security incidents.
The list revealed that ‘123456’ was the most popular password among CEOs, having been used by 29,401 executives across the 290 million data breaches.
‘Password’ was next, with 22,511 uses, followed by ‘12345’ (11,876 uses), ‘123456789’ (10,988 uses) and ‘qwerty’ (9,738 uses).
Several names were widely used, with ‘Tiffany’, ‘Charlie’, ‘Michael’ and ‘Jordan’ coming out as the most popular options.
Besides names, CEOs also showed their love for animals and mythical creatures when it came to passwords, with ‘dragon’ and ‘monkey’ revealed as the most widely used.
Last year, NordPass revealed the top 200 most common passwords used by the general public online.
Interestingly, this new data shows that easy-to-crack passwords are just as popular among business executives as they are with general internet users.
‘It is unbelievable how similar we all think, and this research simply confirms that — what we might consider being very original, in fact, can place us in the list of most common,’ said Jonas Karklys, CEO of NordPass.
‘Everyone from gamer teenagers to company owners are targets of cybercrimes, and the only difference is that business entities, as a rule, pay a higher price for their unawareness.’
An IBM report last year revealed that the average global cost of a data breach is now $4.24 million – 10 per cent higher than 2020.
Meanwhile, attacks that happen due to compromised credentials – which account for 20 per cent of breaches – cost even more, at $4.37 million.
Based on the findings, NordPass is urging internet users to follow simple steps to improve password security.
This includes deploying a password manager, introducing cybersecurity training, and enabling multi-factor authentication.
Meanwhile, Chris Harris, EMEA technical editor at Thales, claims that passwords should be dropped altogether.
‘Passwords are no longer effective in their ability to keep sensitive data secure and are the prime resource for hackers to gain access,’ he said.
‘Companies should instead look to adopt access management solutions such as passwordless authentication which relies on FIDO, certificate-based PKI authentication, policy-based access and cloud access management solutions that ensure secure, convenient access to all cloud applications.
‘This will overcome the inherent vulnerabilities of text-based passwords, while improving levels of assurance and convenience.’
The study comes shortly after experts revealed how long it would take a hacker to crack your logins.
According to the research, anything with six characters, regardless of whether numbers and symbols are included, can be cracked instantly.
The same goes for anything that is seven or eight characters but made up of just numbers or lower case letters.
But the news doesn’t get much better for any eight-character combination.
In fact, they can all be guessed in about 39 minutes according to US cybersecurity company Hive Systems, which is based in Richmond, Virginia.
On the flip side, the way to guarantee that your password won’t be cracked for some 438 trillion years is to use 18 characters made up of numbers, upper and lower case letters and symbols.
Tips to ensure your passwords are safe
1. Deploy a password manager
Password managers allow you to store all your passwords in end-to-end encrypted digital storage, locked with a single keyword for maximum convenience. Most password managers have additional features to check passwords’ strength and automatically generate unique passwords. For organizations, they can come in handy when sharing passwords with employees or managing their access.
2. Introduce cybersecurity training
Since simple human mistakes remain the leading cause of data breaches, it is worth investing in cybersecurity training sessions for employees. Starting from the basics might be a good idea, given that people have different levels of technology background.
3. Enable multi-factor authentication
Known as MFA, it serves as an extra layer of security. It is an authentication method that uses two or more mechanisms to validate the user’s identity – these can be separate apps, security keys, devices, or biometric data.