Are you using one of these top 5 passwords?

23 Apr, 2019

The National Cyber Security Centre (NCSC) have conducted their first UK Cyber Survey and released details of the most commonly used passwords.

The National Cyber Security Centre (NCSC) have conducted their first UK Cyber Survey and found ‘123456’ was the most commonly used password on breached accounts, being used by over 23 million victims.

The NCSC have released details of the top 100,000 passwords and are urging users to change their password immediately if it is listed within the file. Some of the top passwords include:

| Most used in total | Names | Premier League football teams | Musicians | Fictional characters |
|---|---|---|---|---|
| 123456 (23.2m) | ashley (432,276) | liverpool (280,723) | blink182 (285,706) | superman (333,139) |
| 123456789 (7.7m) | michael (425,291) | chelsea (216,677) | 50cent (191,153) | naruto (242,749) |
| qwerty (3.8m) | daniel (368,227) | arsenal (179,095) | eminem (167,983) | tigger (237,290) |
| password (3.6m) | jessica (324,125) | manutd (59,440) | metallica (140,841) | pokemon (226,947) |
| 1111111 (3.1m) | charlie (308,939) | everton (46,619) | slipknot (140,833) | batman (203,116) |

These days we need a password or PIN for everything we touch, and as much as we all hate them (and curse them when we input them incorrectly!), deep down we all know that they are there to protect us and our valuable information.

So, what can you do to help yourself?

Dr Ian Levy, NCSC Technical Director, advises “Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band.”

“Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.”

Some tips for extra protection: 

  • It sounds obvious but NEVER give your password away. If it does need to be given to a system administrator, make sure this is done in person (not via e-mail or telephone) and that they are a trusted source.
  • Do not use the same password for multiple accounts. If it is cracked once, the attacker will have access to everything.
  • Do not write passwords down on sticky notes left on computer monitors. If you must write down passwords then do so very carefully. Use a related thought or a convoluted phrase to jog your memory. Write it on paper which is carried on you in person and stored in a safe place at home. Don’t keep written-down passwords in a document stored online or on your computer.
  • Be aware of people ‘shoulder surfing’ as you are inputting passwords.

What can you do as a business?  

  • Set a strong password policy for staff and get staff to sign to confirm they have read it.
  • Remind employees about hacking risks.
  • Teach new staff about good password practices.
  • Provide resources to staff about good password practices.
  • Ensure staff have different passwords for different things.
  • Put in place lockouts on computers for incorrect password attempts.
  • Make sure that staff change default passwords immediately.
  • Blacklist certain passwords, such as the names of staff, the name of the business or anything else linked to the individuals that could be easily guessed or hacked.
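
One way to implement the blacklist item above at the point where staff set a password, as an added example that is not part of the original article. The common-password set is a constructed sample taken from the table earlier on this page (a real check would load the full NCSC file), and the organisation terms, including "acme", are hypothetical.

```python
import re
import unicodedata

# Constructed sample from the table above; load the full top-100,000 file in practice.
COMMON_PASSWORDS = {"123456", "123456789", "qwerty", "password", "1111111",
                    "liverpool", "superman", "blink182"}

# Hypothetical organisation-specific terms: business name and staff first names.
# Keep terms at least four characters long to limit false positives.
CONTEXT_TERMS = {"acme", "jessica", "charlie"}

# Undo common character substitutions so "P@ssw0rd" is compared as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def variants(password):
    """Return the normalised forms of a candidate that are checked against the lists."""
    base = unicodedata.normalize("NFKC", password).casefold()
    forms = set()
    for form in (base, base.translate(LEET)):
        forms.add(form)
        # "Liverpool2019" and "password1!" are still the blocked word underneath.
        forms.add(re.sub(r"[\d\W_]+$", "", form))
    forms.discard("")
    return forms


def check_password(password, common=COMMON_PASSWORDS, context=CONTEXT_TERMS):
    """Return the reasons to reject a password; an empty list means it passes."""
    forms = variants(password)
    reasons = []
    if forms & common:
        reasons.append("common password")
    hits = sorted(t for t in context if any(t in f for f in forms))
    if hits:
        reasons.append("contains blocked term: " + ", ".join(hits))
    return reasons


if __name__ == "__main__":
    for candidate in ("P@ssw0rd", "Liverpool2019", "J3ssica-2024",
                      "walnut-kettle-harbour"):
        print(candidate, "->", check_password(candidate) or "accepted")
```

Matching on normalised forms rather than the exact string is what stops staff from satisfying the policy by adding a year or swapping a letter for a symbol.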

Effective password management is only part of the story. It’s also useful to think about general user education, good physical security (no documents lying around the office), firewalls and being aware of security risks. ISO 27001 can help you with your processes and information security.  To find out more, please visit our website or call us on 0330 058 5551.

If you already have ISO 27001 and are looking to get the most out of your Standard, we also offer training.

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email info@isoqsltd.com.

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.
