People use easy-to-use passwords, such as their pet name, family members' names, important dates, their favorite sports team - or even "Password", and this could put them at risk.
The National Cyber Security Center (NCSC) survey shows that 15% of people at some point have used their pet's name as a password, while 14% have used the name of a family member.
Another 13% have used an important date, such as a birthday or anniversary, while 6% have used the sports team they support as a password.
Although these passwords help users remember them, it could put their accounts at risk. Intruders could extract information (eg pet names) from public social media posts that could be used in attacks. They could then try to use this information to breach accounts.
They could also use a brute force attack tool to try to "break" accounts, which use simple passwords (one word) with relative ease. Using default credentials such as "password" provides hackers with an easy method of hacking accounts.
Weak passwords jeopardize personal information or financial information - especially if the same password is used on multiple accounts.
They could even put their employer at risk if the stolen password is also used to secure corporate accounts as hackers will try to see if the password works on other accounts as well.
The NCSC therefore urges people to follow their advice and have their passwords consist of three random words. The idea is that it is relatively easy to remember three words, but the fact that they will be random is the key move that will prevent hackers from guessing them. passwords.
The NCSC also advises users to make sure their password is unique, because if an attacker steals your email username and password, they could gain access to other sites that use the same credentials.
In addition, NCSC recommends that users save passwords in their browser. This not only allows users to easily link to sites, but also protects them from being attacked - for example, password manager will not work if the site is a fake version of the site designed to steal credentials.
Users are also advised to enable two-factor authentication to provide an additional barrier to attacks.
Source of information: zdnet.com