How secure is your password? Clue – not very
In the 21st century, useless passwords such as “123456” and “password” are still very much in circulation. In fact, they’re two of the most widely used codes among HR professionals, according to a new study looking into security breaches across industries. HR practitioners use “shockingly weak” passwords, research from security specialist NordPass showed. Of course, having to recall a complex alphanumeric string during every login isn’t easy.
Read more: Never recycle old passwords, security experts warn
Owing to the nature of their work, HR practitioners must be mindful of their password hygiene. The codes they create are often the only barrier keeping hackers and identity thieves from stealing corporate data and personal records.
“A weak password of one employee could potentially jeopardise the whole company if an attacker used the breached password to gain access to sensitive data,” added Chad Hammond, security expert at NordPass. On top of that, data breaches cost businesses nearly US$4m on average. It may be a simple error but it’s one with a heavy price tag.
Which passwords used by HR are the worst?
- password
- Kenzie14
- Company name123*
- Company name1234*
- welcome1
- 123456
- Company name*
- scooter
- Password
Read more: A single email could be ‘catastrophic’ for your company
How can HR improve their password habits?
- Create complex and unique passwords.
- Update them regularly and store them in a password manager.
- Use multi-factor authentication or single sign-on.
- Educate your employees on password hygiene and potential risks.
“It’s important to note that employees should avoid mixing their work and personal accounts. This ensures that your personal identity is not only protected, but also any information related to your employer is safeguarded in the event of a breach,” analysts said. “Consumer-facing breaches can extend beyond personal accounts, potentially exposing the enterprise as well. Data breaches like this can create a domino effect across multiple organisations through the reuse of credentials across personal and business accounts.”