Australian businesses are being warned to make sure their passwords are up to scratch, with โ123456โ and โpasswordโ still amongst the most popular choices.
The latest data from Microsoft shows hackers are conducting 921 password attacks every second, a 74 per cent increase from 2021*.
โUsing the name of your childhood pet, your birthday or the street you grew up on simply isnโt enough to protect yourself from scams or cyber attacks in 2023,โ said Phil Parisis, General Manager of My Business
โIf itโs easy for you to remember, chances are itโs also easy for cybercriminals to guess and thatโs not only putting you at risk but also exposing the businesses and corporations that you work for.
โOften a password is a first line of defence in a cyberattack so you want to make sure itโs like a locked door.โ
According to CyberNews** and their analysis of leaked accounts, the most popular passwords in 2023 are:
- 123456
- 123456789
- qwerty
- password
- 12345
- qwerty123
- 1q2w3e
Of the more than 15 billion passwords analysed from publicly-released data breaches, only around two billion were unique.
โWhatโs interesting about this password data is that researchers were able to tell users favourite sporting teams, their cities, favourite food and even their ages just by their passwords,โ Mr Parisis said.
โAnother common inclusion is a year – often their birth year or another significant year in their life.
โOften people have the same password across their personal and work accounts which increases their chances of being hacked and losing multiple accounts at the same time.โ
Mr Parisisโ top five tips for creating strong passwords:
- Multi-factor Authentication. A security measure that requires two or more proofs of identity to grant you access. Multi-factor authentication typically requires a combination of either passwords, PINs, secret questions, an authenticator app, or fingerprint/other biometric.
- Use a mix of characters. Use a combination of uppercase and lowercase letters, numbers, and special characters (such as %, *, and @) in your password. This makes it much harder for someone to guess your password using brute force methods. The longer your password, the harder it is to crack. Aim for a password that’s at least 12 characters long.
- Avoid common words and phrases. Avoid using common words or phrases in your password, such as “password,” “123456,” or “qwerty.” These are among the most commonly used passwords and are easily guessed by attackers.
- Don’t reuse passwords. Never use the same password for multiple accounts. If one password is compromised, all of your accounts are at risk. Staff should have their own accounts and passwords.
- Use a password manager. The best passwords are the ones you donโt have to remember at all. A password manager can generate strong, unique passwords for each of your accounts and store them securely. This eliminates the need to remember multiple passwords and helps you create stronger passwords overall.
Mr Parisis says the latest ReportCyber*** data shows an eye-watering $300 million is lost every year to cybercrime. ย My Business helps small businesses protect against cyber scams and attacks by offering automated staff training, tools and resources.
โOur simple training helps small business owners work smarter, not harder but giving them the tools needed to stay protected online,โ Mr Parisis said.
โWeak passwords are one of the top causes of data breaches and cyberattacks. Small businesses are particularly vulnerable to these threats due to their limited resources and often lack of dedicated IT departments.
โMake sure staff undergo regular security training exercises to follow password hygiene best practices, including identifying and reporting suspicious emails and messages.โ