As we enter into a new week we are about to witness Barack Obama’s final mic drop as President, Kim Kardashian's finally stable and secure enough to get back into her social network game, and last week I thoroughly enjoyed the first instalment of TV series ‘Spies’, watching people dropped into a cybersecurity seminar come up with backstories as to why they were there and who they were. Yet the same stories keep popping up within the cybersecurity industry.
On the radio on my way to work I heard another advert encouraging people to be cyber aware; to be concerned about malware and not to bow down to ransomware attacks. The industry’s mission to educate everyone is taking shape. And then, I read an article about the most commonly used passwords of 2016, and of course, there’s some enormous issues….
Can you guess what the most common password was in 2016? The one used by nearly 1 in 5 people? The same one as 2015…. 123456. That’s right, 123456. Hello face, here's my palm! Then there’s the rest of them; QWERTY, 111111, password; the list goes on in a similar vein (my favourite of all of them was ‘google’). It amazed me that in this day and age, when we are bombarded with news articles about hackers stealing your personal data that people still aren’t making an effort to make themselves as secure as possible.
Individuals aren’t completely at fault as the websites involved should also be accountable. It is their responsibility is to make it as difficult as possible for hackers to access data on their systems. They can make their infrastructure more robust, their defences better at dealing with attacks but they should also enforce more complex password policies. Yes the companies involved in data breaches are held accountable. They are fined, exposed in the media and soon, when GDPR pops up, they are going to be regulated more and more. Surely it would be better for all companies to enforce strong password best practice, then, if hackers do get in, maybe it would be slightly more difficult for them to get into customer accounts.
We hear all the time that hacks are getting easier and easier, that they can attack multiple companies at once and more sensitive data is being breached. It’s easy to change your password to something trickier, to change it regularly on a monthly basis, all it takes is the desire to do so. I can’t see it being very difficult to change ‘password’ to ‘PaS5w0rD!&*’ and once you have done the password 10 times, you are going to remember it. Ultimately, a slight change makes things harder for hackers, keeps you more secure and helps you to become more cyber aware.
About the author