The email addresses and passwords of 42 million members of a dating site have been discovered on a server which hackers also used to store information stolen from Adobe, LexisNexis and PR Newswire.
The credentials were stored in plaintext and roughly two million of them (here comes the funny/scary part) used ‘123456’ as a password. Another 1.2 million used ‘111111’ and 575,000 used ‘123456789’.
Now come on, that’s just ridiculous. A password is defined as “a secret word or phrase that must be used to gain admission to a place” but it appears these users see a password as “an easy-to-guess phrase to gain admission to a place”.
Imagine an organisation spending thousands upon thousands of pounds on security software only to have it compromised by someone who thought ‘123456789’ was a secure password for their user account.
To me, creating a strong and secure password is just common sense. I’m aware of the threats that surround me and therefore the need for a strong password. But chances are, most of your staff aren’t.
Simple yet effective staff awareness training will make your employees more aware of the threats that surround them and of the basic principles of information security. By teaching your staff how to better protect themselves against cyber threats, you’ll greatly reduce the threat they pose to your organisation.
Pro Tip: Google Chrome has a feature called ‘saved passwords’ which should always be turned off. This feature saves your passwords for you so that you don’t have to type them in every time. However, it only takes 15 seconds for someone to open up your Chrome browser, go to advanced settings and open up your saved passwords, where they are stored and can be viewed in plain text.