Long passwords won’t protect your accounts, report finds


Longer passwords won’t stop adversaries from accessing your information, a report from Specops Software has found.

The password management and authentication vendor found that 31.1 million breached passwords contained 16 characters or more, demonstrating that longer passwords aren’t impenetrable.

After analyzing 1.8 million breached administrator credentials, 40,000 admin portal accounts used the term ‘admin’ for their passwords, and only 50% of organizations assess systems monthly for compromised credentials, according to the report.

ADVERTISEMENT

The most common compromised password in KrakenLab’s newest list of breached credentials was the combination ‘123456.’

Passwords that contained the word pass or wrote the word password (P@ssw0rd or Pass@123) that were just “complex” enough to pass the Active Directory’s basic rules were also common.

Cybercriminals often utilize methods that use your passwords and credentials.

Verizon concludes that nearly half of all data breaches involve stolen usernames, passwords, and other credentials, the report claims.

Credentials are of high value in cybercrime environments, as evidenced by the booming covert market for stolen credentials, personal information, and data.

Industries that have access to sensitive information need to secure their accounts by using strong, unique passwords.

Organizations and individuals should avoid recycling passwords, as they could expose themselves to attacks.

Administrative accounts are a goldmine for hackers as adversaries can leverage the account to gain further access to the organization, the report claims.

ADVERTISEMENT

It is important for those who have access to sensitive information to have strong passwords.

Yet every account counts, as adversaries can leverage regular accounts to gain access to more high-value targets, the report finds.

“Long passwords hashed with MD% and bcrypt can take millions of years to crack – but password reuse can render them immediately compromised,” the report states.