To compile it's new Fortune 500 password study (opens in new tab), the researchers at the password management company analyzed data from public third-party breaches that affected Fortune 500 companies. In total, they analyzed data from over 15m breaches across 17 different industries to find the top 10 passwords used in each industry, the percentile of unique passwords and the number of data breaches affecting each industry.
While using simple passwords poses a risk to all users, businesses and their employees have a lot more to lose from reusing passwords across their online accounts. Back in February for instance, a water treatment facility (opens in new tab) in Florida had a serious security breach due to the fact that it was still using Windows 7 (opens in new tab) with no firewall (opens in new tab) and all of its employees shared the same TeamViewer (opens in new tab) password.
- We've assembled a list of the best password managers (opens in new tab) available
- These are the best business password managers (opens in new tab) on the market
- Also check out our roundup of the best identity management (opens in new tab) software
Security expert at NordPass, Chad Hammond provided further insight on how weak employee passwords can jeopardize an organization's entire business, saying:
“Businesses and their employees have a duty to protect their customers’ data. A weak password of one employee could potentially jeopardize the whole company if an attacker used the breached password to gain access to sensitive data.”
Poor password hygiene
According to NordPass' research, the top password in the retail and ecommerce, energy, technology, financial services, agriculture, media and advertising, hospitality, human resources and real estate industries is “password”. While “123456” is the most popular password in telecommunications and healthcare, many other industries simply use their “company name” as their password.
Simple passwords can easily lead to data breaches and according to a report (opens in new tab) from IBM, the average global cost of a data breach (opens in new tab) is now at $3.86m. However, a data breach in the healthcare industry costs much more at $7.13m and data breaches at US-based companies now cost an average of $8.64m.
To improve password hygiene at businesses, NordPass recommends that they create complex and unique passwords using a password generator (opens in new tab) or password manager (opens in new tab), use multi-factor authentication (opens in new tab) and educate their employees on the risks of using simple password for their work and personal accounts.
- We've also featured the best identity theft protection (opens in new tab)