Commonly used passwords for new accounts are User and Welcome.

A recent study on password usage for new accounts during the onboarding process has brought to light a concerning trend of new starters using easily guessable passwords, posing significant security risks for organizations. The research conducted by Specops Software, an Outpost24 company, analyzed 651 million compromised passwords and identified a list of 120,000 commonly used passwords for new team members.

The study revealed that the most commonly used term for passwords by new starters was “User”, which appeared a staggering 41,683 times. Following closely behind was the term “Temp” with 28,469 occurrences, with “Welcome” ranking third. Other frequently used terms included “guest”, “starter”, and “logon”, all of which raise red flags due to their predictability and vulnerability to hacking.

The prevalence of such weak passwords highlights a serious issue with the current password practices within organizations. Using easily guessable passwords not only compromises individual accounts but also puts the entire network at risk of security breaches. Hackers can exploit weak passwords to gain unauthorized access to sensitive data and systems, potentially causing significant damage to the organization.

Darren James, Senior Product Manager at Specops Software, expressed concern over the findings, stating that the use of temporary passwords for new employees is a common practice but one that is often not handled with the necessary security measures. Passwords generated by IT teams should adhere to best practices, such as using long and random passphrases, to ensure robust security. Unfortunately, many organizations fall short in implementing these security measures, leaving their systems vulnerable to cyber threats.
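As an added example (not code from the study or from Specops), the Python sketch below screens a proposed first-day password for the base terms listed above, even when disguised with digits or symbol substitutions, and generates a random passphrase instead. The function names, the substitution map and the 16-word sample list are assumptions made for illustration.

```python
import math
import re
import secrets

# Base terms the article lists from the study of new-starter passwords.
ONBOARDING_TERMS = ("user", "temp", "welcome", "guest", "starter", "logon")

# Assumed substitution map, undone before matching (e.g. "Welc0me" -> "welcome").
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Constructed 16-word sample list; use a list of several thousand words in
# practice so that each word adds more entropy.
SAMPLE_WORDS = ("amber", "bison", "cobalt", "delta", "ember", "fjord",
                "glacier", "harbor", "indigo", "juniper", "kelp", "lantern",
                "meadow", "nickel", "orchid", "pebble")


def find_onboarding_term(password):
    """Return the first listed base term found in the password, else None."""
    normalized = password.lower().translate(LEET)
    letters_only = re.sub(r"[^a-z]", "", normalized)  # drop digits, symbols
    for term in ONBOARDING_TERMS:
        if term in letters_only:
            return term
    return None


def entropy_bits(word_count, wordlist_size):
    """Entropy of a passphrase of uniformly chosen words, in bits."""
    return word_count * math.log2(wordlist_size)


def generate_passphrase(word_count=5, wordlist=SAMPLE_WORDS):
    """Build a random passphrase with the CSPRNG, rerolling on a listed term."""
    while True:
        candidate = "-".join(secrets.choice(wordlist) for _ in range(word_count))
        if find_onboarding_term(candidate) is None:
            return candidate


if __name__ == "__main__":
    for sample in ("Welc0me2024!", "T3mp#1", "Us3r123"):  # constructed inputs
        print(sample, "->", find_onboarding_term(sample))
    phrase = generate_passphrase()
    print(phrase, f"({entropy_bits(5, len(SAMPLE_WORDS)):.0f} bits with this sample list)")
```

The substring match is deliberately strict, so a legitimate word such as "temperature" is also rejected; for short-lived onboarding credentials that trade-off is usually acceptable.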

The sharing of first day passwords in plaintext further exacerbates the security risks associated with weak password practices. Passwords transmitted in plain text are easily accessible to malicious actors, increasing the likelihood of unauthorized access to sensitive information. Organizations must prioritize password security and implement stringent measures to safeguard their systems and data from potential breaches.

In light of these findings, it is imperative for organizations to educate their employees on the importance of using strong and unique passwords. Implementing password policies that encourage the use of complex and unpredictable passwords can help mitigate the risk of security breaches. Additionally, organizations should consider implementing multi-factor authentication and regular password updates to enhance security measures and protect against potential threats.

Overall, the research underscores the critical need for organizations to prioritize password security and invest in proper training and measures to ensure the protection of sensitive data. By addressing weak password practices and implementing robust security protocols, organizations can effectively defend against cyber threats and safeguard their digital assets.
