#The passwords most used by CEO's are startlingly dumb

-


Recent cybersecurity reports show how ridiculously many CEO's and business owners are given the password strength of the accounts they choose. Imagine leaving the livelihoods of hundreds or even thousands of employees to someone who uses "123456" or "qwerty" as their password. 

 Get ready for the palm of your long face, everyone-this is a banquet. The survey was conducted by Nord Pass Password Manager (via IFLScience), and in 2020, the most common passwords used by the general public are serial numbers such as "123456" and "Image 1", as you can imagine, "password". It turned out to be. ". 

 A recent survey sample consists of 290 million cybersecurity data breaches worldwide, showing the professional level of affected people. It turns out that password choices for CEO's and other senior executives are similar to password choices for the general public, although they often include names. Tiffany has witnessed 100,534 injured. Then there were 33,699 Charlie. Michael was discovered 10,647 times. And Jordan 10,472 times. The 

  report also ranks mythical creatures and animals among the top passwords decrypted for data breaches. "Dragon" has been viewed 11,926 times, and "Monkey" has been viewed 11,675 times. 

 I spoke to an IT support engineer called Mr Smith. He encourages businesses to consider distributing randomly generated passwords when new accounts are created. "Probably the strongest passwords are three random words that  can compose a story to remember in your head," he says. 

 This is what we have preached in the past and is also recommended by the  National Cyber ​​Security Center in the United Kingdom. 

  Smith is currently working on a more complex password generator that encourages story elements to be more memorable. Imagine being given a password that contains a combination of words such as SturgeonOfLoathing, ObligingAardvark, SpellboundFalcon ... of course you will remember. 

 You can use these types of generators in your corporate IT department to get fun passwords that are hard for anyone to crack. It's also easier to remember, so it's  less likely to change  to a ridiculous password like "Dragon". The 

 investigation is very worrisome and bitterly reveals that most data breaches do not occur as a result of deep cyber-hacking initiatives. About 80% are due to stupid people creating stupid passwords (Verizon).

Comments

Post a Comment

Popular posts from this blog

#$1.5M phishing scam

-
Image
  The US Department of Justice has convicted a Nigerian national of participating in a business email compromise (BEC) scam worth $1.5 million. The Feds say Ebuka Raphael Umeti, 35, perpetuated the scam with two alleged partners in crime, using a combination of social engineering and malicious software to pull off the million-dollar BEC scheme. A BEC fraud involves phishing emails and deception to get businesses and organizations to send money or valuable data to attackers, usually over email. According to the DoJ, Umeti got involved in BEC scams as early as February 2016, when one of his alleged co-conspirators, fellow Nigerian national Franklin Ifeanyichukwu Okwonna, is said to have sent Umeti a phishing email template. The collaborators started to see success in 2018, siphoning $571,000 from a New York wholesaler and $400,000 from a Texan metal supplier. In the following years, the scammers started domain spoofing, signed up for VoIP numbers, and communicated over the gaming-focused
Read more

#Microsoft's AI boss thinks it’s perfectly OK to steal content if it's on the open web

-
Image
  Microsoft AI boss Mustafa Suleyman incorrectly believes that the moment you publish anything on the open web, it becomes “freeware” that anyone can freely copy and use. When CNBC’s Andrew Ross Sorkin asked him whether “AI companies have effectively stolen the world’s IP,” he said: I think that with respect to content that’s already on the open web, the social contract of that content since the ‘90s has been that it is fair use. Anyone can copy it, recreate with it, reproduce with it. That has been “freeware,” if you like, that’s been the understanding. Microsoft is currently the target of multiple lawsuits alleging that it — and OpenAI — are stealing copyrighted online stories to train generative AI models, so it may not surprise you to hear a Microsoft exec defend it as perfectly legal. I just didn’t expect him to be so very publicly and obviously wrong! I am not a lawyer, but even I can tell you that the
Read more

#This man used Fake Wi-Fi Scam on Domestic Flights

-
Image
  An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data. The unnamed 42-year-old "allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who mistakenly connected to them," the Australian Federal Police (AFP) said in a press release last week. The agency said the suspect was charged in May 2024 after it launched an investigation a month earlier following a report from an airline about a suspicious Wi-Fi network identified by its employees during a domestic flight. A subsequent search of his baggage on April 19 led to the seizure of a portable wireless access device, a laptop, and a mobile phone. He was arrested on May 8 after a search warrant was executed at his home. The individual is said to have staged what's called an evil twin
Read more