We all know the importance of strong password security. Still, easily cracked passwords remain the biggest reason that hackers gain access to computer networks to steal data and use it for criminality.
With the GDPR in force, data breaches like these leave your organisation liable to large fines, not to mention a significant loss in reputation. Fines for breaching the GDPR can reach up to €20 million, or 4% of global annual turnover, with some saying that fines could even reach up to €1 billion if larger organisations do not comply.
It has been reported that around 63% of data breaches were due to poor password security (Verizon 2016 data breach investigations report). Therefore, cyber and password security should be a priority for businesses in the lead up to the GDPR coming into force and beyond to avoid hefty fines that could be detrimental to business.
Blue Rock Managing Director Lorraine Mills, our expert on cyber defence strategy, is happy to share with us her top tips for implementing and maintaining a strong password security policy.
Tips for password security
- Minimum password length should now be at least 12 characters. It has been suggested that 8 characters is enough; however, as cyber criminals become more advanced and technology evolves, 12 characters should be the minimum for optimum security.
- Criteria should involve both lowercase and uppercase letters, numbers and symbols.
- Aim to reset passwords every 60-90 days.
- Do not allow previous passwords to be re-used.
- Implement account lock-outs in the event of incorrect passwords.
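The length, character-class, re-use and lock-out tips above can be enforced in code. The following Python sketch is an added example, not part of the original article or any Blue Rock tool; the function and class names, the lock-out threshold of 5 and the PBKDF2 settings are assumptions, and the 60-90 day reset is left to the account system.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 12          # minimum length from the tips above
LOCKOUT_THRESHOLD = 5    # assumption: the article gives no number
PBKDF2_ROUNDS = 200_000  # assumption: work factor for stored history hashes

def hash_password(password, salt=None):
    """Return (salt, digest) so password history never holds plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def policy_violations(password, history=()):
    """List every rule from the tips that the candidate password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    classes = {
        "lowercase letter": string.ascii_lowercase,
        "uppercase letter": string.ascii_uppercase,
        "number": string.digits,
        "symbol": string.punctuation,  # ASCII symbols only
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    # Re-hash the candidate with each stored salt to detect re-use.
    for salt, digest in history:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            problems.append("re-uses a previous password")
            break
    return problems

class LoginGuard:
    """Counts consecutive failures per account and locks at the threshold."""
    def __init__(self):
        self.failures = {}

    def is_locked(self, user):
        return self.failures.get(user, 0) >= LOCKOUT_THRESHOLD

    def record(self, user, success):
        """Record one login attempt; a locked account always returns False."""
        if self.is_locked(user):
            return False
        self.failures[user] = 0 if success else self.failures.get(user, 0) + 1
        return success
```

Passing these checks shows only that a password meets the stated rules; it does not show that the password is absent from lists of commonly used passwords.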
The worst passwords
The below list includes some of the most easily cracked passwords that most hackers would be able to access in less time than it takes to type them! Avoid these passwords or similar to ensure you are not allowing hackers the opportunity to steal your data.
These may all seem like basic passwords that would be obvious not to use; however, even passwords such as ‘P4ssw0rd!’ can take only 4 seconds to crack.
If you are concerned about the cyber safety of your business, get in touch with us. We can offer training and tools to ensure your passwords are uncrackable and your important business data is locked up safe against today’s cyber criminals.