Too Easy, Too Weak: Password Patterns Still Concerning
Weak password security is one of the main contributing factors to the current wave of cybercrimes sweeping the world. Despite repeated warnings from industry experts to choose more complex passwords, many users still fail to follow this advice.
Recent research shows that internet users continue to opt for passwords that are easy to guess or crack, leaving the door wide open to cyberattacks. Let’s take a closer look at this phenomenon and find out what organisations can do to strengthen their security.
Why are we still using simple passwords?
For many years, cybersecurity experts have been sounding the alarm about simplistic passwords that are far too easy to guess. Passwords like “12345”, variations on the word “password”, or even the user’s own name are still frequently chosen, despite the widely publicised dangers of doing so.
In fact, 2023 saw South Africans choose the password “admin” most frequently of all.
While some experts blame users for being lax or unoriginal, there is a possible psychological explanation for the simple passwords we choose: we believe that if we came up with them, they must be unique and impossible to guess.
This human tendency to overestimate our own ability at certain tasks is known as the Dunning-Kruger effect, a well-documented psychological phenomenon.
This effect applies to everything from our perceived ability to drive at high speeds and our competence at work to our attractiveness or social skills. Password creation is yet another area where we often think we are better than we really are.
Best practices for password creation
Unfortunately, cybercriminals are much better at guessing or decoding our passwords than we are at creating them.
To avoid this and secure crucial business data, team members in every organisation should be trained to apply best practices for password creation, which include:
- Using a password length of at least eight characters: Longer passwords are harder to guess and take automated password-cracking software much longer to crack.
- Including numerals and special characters: This adds complexity to passwords, making them far less likely to be compromised.
- Avoiding personal information: Don’t choose words related to your daily life, such as hobbies, interests, or your workplace. Cybercriminals carrying out social engineering attacks may have already researched these aspects of your life and could use them to crack your password.
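An added example, not part of the original article: a Python check that applies the three rules above and also flags the weak choices named earlier (“12345”, variations on “password”, “admin”), even when they are dressed up with numerals and symbols. The word list, substitution table, sample passwords and function names are assumptions constructed for illustration.

```python
import re

# Constructed sample list: only the weak choices the article names.
# A real deployment would load a much larger list of known-bad passwords.
COMMON = ("12345", "password", "admin")

# Reverse common character swaps so "P@ssw0rd" reads as "password".
# Simplification: "1" and "!" are both treated as "i".
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                      "1": "i", "!": "i", "$": "s", "5": "s"})


def normalise(text):
    """Lower-case, undo character swaps and keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def check_password(password, personal_terms=()):
    """Return a list of rule violations; an empty list means every check passed."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not re.search(r"\d", password):
        problems.append("no numeral")
    if not re.search(r"[^A-Za-z0-9\s]", password):
        problems.append("no special character")

    core = normalise(password)
    # Common passwords: exact match, or the word hidden behind substitutions.
    for word in COMMON:
        if password.lower() == word or (word.isalpha() and word in core):
            problems.append(f"based on common password '{word}'")
    # Personal information (name, employer, hobby) supplied by the caller.
    for term in personal_terms:
        plain = normalise(term)
        if len(plain) >= 3 and plain in core:
            problems.append(f"contains personal term '{term}'")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords.
    for pw in ("admin", "P@ssw0rd1!", "vK7#qZr!m2Lp"):
        print(pw, "->", check_password(pw) or "ok")
```

“P@ssw0rd1!” satisfies the length, numeral and special-character rules yet is still reported as a variation on “password”, which is why composition rules alone are not enough.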
Password security and secure cloud storage – key aspects of every cyber defence strategy
A strong password adds an extra layer of security to your data, especially as cyberattacks and ransomware incidents become more frequent, costing businesses millions of rand each week.
In addition to strong passwords, secure cloud storage featuring encryption technology has become a non-negotiable element of every effective cybersecurity strategy.
To learn more about these technologies and how they can benefit your company’s online security, visit our product page today.