Data and IT security was the number one risk identified in our Vendor Risk Management Report, which surveyed 240 global companies.
The list below shows the 25 most commonly used passwords in 2016, and the results are fairly shocking. It comes from research published by the password management software company Keeper Security, following a review of 10 million passwords that came to light in 2016 via data breaches. Their findings highlighted that nearly one in six of these passwords was "123456". Read the top 25 below.
1) 123456
2) 123456789
3) qwerty
4) 12345678
5) 111111
6) 1234567890
7) 1234567
8) password
9) 123123
10) 987654321
11) qwertyuiop
12) mynoob
13) 123321
14) 666666
15) 18atcskd2w
16) 777777
17) 1q2w3edr
18) 654321
19) 555555
20) 3rjs1la7qe
21) google
22) 1q2w3e4r5t
23) 123qwe
24) zxcvbnm
25) 1q2w3e
Wondering what the more obscure "18atcskd2w" and "3rjs1la7qe" are doing on the list of most common passwords? The answer: bots. Bots that spam countless sites, forums, etc. use the same passwords, which has resulted in those passwords showing up on this list.
Of course, data and IT breaches get a lot of media coverage and can occur for multiple reasons, but there is one risk mitigation rule that has to be observed: strong passwords lead to improved security and help to protect the organization and its data. This applies to your third parties and vendors just as much as it does to your staff. Third parties and vendors should be required to follow secure password protocols when handling any of your data.
Source: Huffington Post