Is your password P@ssw0rd? Then today is the day to change it.
You might think: I would NEVER use password as a password. But our experts, including Sudharshan Kumar and Eva Garcia Soto, still see a lot of this during cybersecurity assessments they perform.
These things stand out when it comes to password security:
🔑 Even weak passwords might pass corporate requirements: During pentests, our testers see a lot of passwords like "P@ssw0rd" or "Passw0rd" or "Password2023!". Most organizations have a password policy: a password needs 8 characters - uppercase and lowercase - including numbers and special characters. That means the passwords above satisfy the password policy despite being easy to guess…
🔑 The Dutch love voetbal: Interestingly, in the Netherlands, the word ‘voetbal’ is used as the basis for many passwords, our testers saw. For instance: "Voetbal2023!" or "Voetbal23". These also check all the boxes of a strong password – but if everyone uses the same word, that somewhat undermines its security.
🔑 Autumn2023 is still going strong: In phishing simulations, passwords like "spring23" or "angela05" pop up quite often, indicating that the trend of incorporating seasons and personal namesrefuses to die.
🔑 People often pick easy associations: Another startling find was passwords mirroring the name of the service, like "udc_password" for a service named UDC.
🌐 What does this mean for you? Changing your password is more than a compliance tick-box. It’s about creating a barrier that really secures your digital identity. This ‘Change Your Password Day’ is a perfect opportunity to strengthen your first line of defense.
Our Advice:
- Avoid predictable patterns.
- Mix in unrelated words and numbers.
- Use a password manager for complex passwords.
- Regularly update your passwords.
Let’s not make a hacker’s job easy. Your security is our priority. Happy password changing!
Why choose Secura | Bureau Veritas
At Secura/Bureau Veritas, we are dedicated to being your trusted partner in cybersecurity. We go beyond quick fixes and isolated services. Our integrated approach makes sure that every aspect of your company or organization is cyber resilient, from your technology to your processes and your people.
Secura is the cybersecurity division of Bureau Veritas, specialized in testing, inspection and certification. Bureau Veritas was founded in 1828, has over 80.000 employees and is active in 140 countries.