New Study Reveals That 60% of Passwords Are Guessed During Attacks

What is the last password you entered to log into one of your accounts? Are you confident that this password is strong enough to withstand cyber attackers? Such passwords as password321, iloveyou, football, donaldtrump, or even !@#$%^&* are not safe. As a matter of fact, anyone could guess them. Unfortunately, people are not always careful about how they share their usernames or email addresses either, and that puts their virtual security at serious risk. Let’s say you encountered a banner ad suggesting that you are eligible for a prize giveaway. If you are fooled by the scam, you might disclose your email address without even thinking about your virtual security. Once schemers have this piece of information, they can employ software to try to guess the password that is linked to the address.

According to the annual report published by Rapid7, 72% of IT security organizations had passwords compromised, and 60% of those were easily-guessable passwords. That means that, for the most part, we are the ones who cause password vulnerabilities and create perfect conditions so that hackers can guess weak passwords. Luckily, there is hope, and you can turn things around today.

Users must learn about password vulnerabilities

When it comes to passwords, the responsibility lies in the hands of users. Hackers can guess weak passwords without much trouble, and so it is important that every single password is taken care of. That includes default passwords that might bet set on printers, routers, and other devices that the attackers could use to gain access to all of the associated systems.

There are plenty of password vulnerabilities that make it much easier for the attackers to brute-force them and, eventually, overtake users’ accounts. These vulnerabilities include:

  • RECYCLING – the same password is reused on one or multiple other accounts.
  • POOR LENGTH – the password is too short. Users are advised to use as many characters as possible. If, for example, you can choose from 6 to 16 characters, opt for the 16 characters.
  • EASILY GUESSABLE COMBINATION – if the password you choose to guard the entrance to your virtual account is easy to guess, you are simply asking for trouble.
  • LETTERS ONLY – if you opt for a letters-only combination, your password will not be safe. When possible, use numbers and special symbols too, and also add upper and lower case letters.
  • OVERSHARING – if you worry about password vulnerabilities, you do NOT want to write down your passwords on post-it notes or share them with anyone.
  • POOR SECURITY – sometimes, even the strongest passwords cannot be saved against data breaches and smart cyber criminals, and, in many cases, poor security is to blame for that.

IT security companies are not the only ones at risk

Are hackers more interested in breaching the passwords that belong to large companies? Some hacking groups are certainly more interested in taking over the accounts that belong to government agencies, large organizations, and other entities to extract highly sensitive information and make bigger attacks possible. That being said, hackers are not ignoring regular users either. First of all, for the most part, the accounts of these users are generally less secure due to existing password vulnerabilities. That means that the attackers can be more successful on a lower scale.

Second, all information is important and sellable. If hackers can guess weak passwords, they can take over online baking accounts, social media accounts, email accounts, etc. This could give them access to a great deal of sensitive information, including your social security number, credit card numbers, healthcare information, photos, home address, telephone numbers, and so on. All of this could help schemers perform identify theft, create fake profiles, and, eventually, impersonate you.

Here’s how you can protect your passwords

Now that you are aware of the different password vulnerabilities and you know that hackers can guess weak passwords, you need to start making some changes. First and foremost, change your passwords! This will not be that easy to do if you have many accounts and if you decide to go about the task one password at a time. Luckily, that is not your only option. You can employ a password manager that will help you change all of your passwords from one window. Cyclonis Password Manager is a free utility, and you can upload all of your passwords to it. Then, the integrated Password Analyzer will assess them all, and you will be informed which ones need to be changed. Finally, using the utility, you will be able to “fix” the issue and abolish password vulnerabilities.

The Cyclonis Password Manager will keep your passwords safe at all times, and it will also make it easier for you to log into your virtual accounts. Furthermore, because you will not need to enter your passwords one key at the time, you will be able to make them as complex as possible (a prime example of that would be something like this: =0-e0V__-?#G=k+!C|+l3-^^$=?j:&4@). At the same time, you will protect your passwords against keyloggers and other types of malware that could try to read your passwords without your notice. Speaking of malware, do not forget that overall security is very important, and you want to implement reliable security software to guarantee full-time protection.

Finally, do not forget that information is a key that unlocks many doors. When data breaches occur, timing is everything, and if you can learn about a breach right away, your chances of preventing account takeover and further security issues can increase dramatically. It is also important to know when you can handle issues on your own and when the time to seek help comes. If, for example, you find out that your online banking account was breached due to existing password vulnerabilities, do not play a hero and immediately contact your bank. They will know how to help you the best.

By Foley
August 21, 2019
Password Security
English
August 21, 2019
Password Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

Even Security Professionals Continue to Reuse Passwords, Study Finds

We can only imagine that being a security expert is not easy. You spend years trying to tell people that they should really start taking their online safety seriously, and yet, the constant barrage of successful... Read more

July 27, 2018
Malware

Are Passwords in Danger When the Hawkeye Keylogger Attacks?

The HawkEye keylogger has been around for about six years now and despite the fact that some would say it has silly name (for a malicious program), it's not just a simple hacking tool developed by a teenage computer... Read more

May 31, 2019
Password Security

Long Passwords Versus Complex Passwords: Which Is Superior?

Let's face it, when it comes to login authentication, there isn't a more used tool than the good old password. It doesn't matter if you're trying to login into your email account, your smartphone, your PayPal account,... Read more

March 30, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.