Every year, they publish their list of most widely used insecure passwords, as gleaned from passwords that were made public via data breaches occurring in that year.
To compile the 2016 list, the company analyzed more than ten million stolen passwords, and depressingly, the 2016 list looks a lot like the 2015 list.
Topping the chart for two years in a row was the password “123456.” If there’s a less secure password than this, it’s actually difficult to imagine what it might be. But several of the others that showed up in prominent positions on the 2016 list were also widely used in 2015, including “qwerty,” “111111,” and of course, the infamous “password.”
This should go without saying. Last year saw the highest number of security breaches in the entire history of the internet, and that there’s every indication that 2017 will be another record-breaking year. If you’re still using passwords like this, you are part of the problem.
If you have any employees using passwords like this, they’re essentially a ticking time bomb. If your company’s security is breached, odds are good it will be because someone in your organization is using a weak password and simply not taking digital security as seriously as they need to be.
All of this underscores the need for diligence and education. If it’s been a while since your employees have attended data security training classes, there’s no time like the present to get that set up. Remember, your security system is only as secure as your weakest link, and if your weakest link is being protected by a password like “password,” then you’re in real trouble, no matter how much you’re spending to keep your data safe.