Password vulnerability at Fortune 1000 companies

2020-03-25 11:17

Despite often repeated advice of using unique passwords for online accounts - or at least the most critical ones - password reuse continues to be rampant.

According to breach discovery firm SpyCloud, employees of the Fortune 1000 are just as bad about reusing passwords as the rest of us.

The company has combed through their database of breach data for data tied to Fortune 1000 companies, analyzed it and found that employees in media companies are the worse when it comes to password reuse, and those is retailing the best, although even they still reuse passwords way to much.

"The most common passwords for the Media industry are mostly unprintable. But for Fortune 1000 employees with family-friendly passwords, popular themes include first names, company names, and simple strings of numbers and letters," they added.

"While most of these examples would fail to pass basic corporate password policies, people tend to transform a base password in predictable ways to bypass complexity rules. For example, 'password' might become 'Password1' or 'Passw0rd!' at work. Unfortunately, criminals are well-aware of these patterns, and sophisticated account checker tools make it easy for criminals to test variations of exposed passwords at scale."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/y_RzLBNf4p0/

#vulnerability