Bad Passwords cause 80% of cybersecurity issues

With cybersecurity incidents that have taken place recently due to lost or stolen credentials, it is a great time to be reminded why passwords and password security is still an important step in cyber security.

A recent report from cybersecurity company ID Agent analyzed the top 250 passwords found on the dark web, and the most common types of password choices were: names, sports, food, places, animals, and famous people/characters.

Over 80% of cybersecurity incidents are caused by bad passwords. Today, nearly 80% of all data breaches are the devastating result of lost, weak or stolen passwords.

Top 20 Most Common Passwords Found on the Dark Web in 2020:

  1. 123456
  2. password
  3. 12345678
  4. 12341234
  5. 1asdasdasdasd
  6. Qwerty123
  7. Password1
  8. 123456789
  9. Qwerty1
  10. :12345678secret
  11. Abc123
  12. 111111
  13. stratfor
  14. lemonfish
  15. sunshine
  16. 123123123
  17. 1234567890
  18. Password123
  19. 123123
  20. 1234567



Don’t use these passwords!

Passphrases have now become the new best practice instead of passwords. A passphrase is longer than a password and contains spaces in between words. A passphrase can also contain symbols and does not have to be a proper sentence or grammatically correct.

The main difference between the two is that passwords do not have spaces while passphrases have spaces and are longer than any random string of letters. Passphrases are better than passwords for the following reasons: passphrases are easier to remember, passwords are easier to guess or crack, passphrases satisfy complex rules easily, and passphrases are next to impossible to crack.

Keep in mind many places you may need a password, a passphrase may not work due to needing a constant character, but that would be dependent on the organization or site you’re trying to use it.

Another way to beat the password issue, is to use a multi-factor authentication (MFA). MFA is a layered security protection that meets the security protocols necessary to achieve and prove compliance for most regulatory bodies. MFA stops fraudsters dead in their tracks. If they steal your password, they will not be able to access your accounts as MFA only grants access after successfully presenting two or more pieces of evidence from an authentication mechanism. Usually that means you’ll be texted a one-time passcode, or perhaps a special app asks for you to “approve” access from your mobile device or email.

Encompass Credit Union’s digital banking uses both 10-character minimum complex passwords, as well as multi-factor authentication for set up of your digital banking as well as a number of other transactions that are at risk for fraud, like adding a bill payee or e-Transfer recipient, all to protect you and your money.

Monday | October 25, 02:21 PM
This website uses cookies to improve your user experience. By continuing to browse the site you are agreeing to our use of cookies.