If This Is Your Password, Change It Now
March 2, 2012 by staff
The number one way hackers get into protected systems isn’t through a fancy technical exploit. It’s by guessing the password. That’s not too hard when the most common password used on business systems is “Password1.”
There’s a technical reason for Password1’s popularity: It’s got an upper-case letter, a number and nine characters. That satisfies the complexity rules for many systems, including the default settings for Microsoft’s (MSFT, Fortune 500) widely used Active Directory identity management software.
Security services firm Trustwave spotlighted the “Password1” problem in its recently released “2012 Global Security Report,” which summarizes the firm’s findings from nearly 2 million network vulnerability scans and 300 recent security breach investigations.
Around 5% of passwords involve a variation of the word “password,” the company’s researchers found. The runner-up, “welcome,” turns up in more than 1%.
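To make the point concrete, here is an added example (not from the article, Trustwave or Microsoft) that runs a simplified "length plus three of four character classes" complexity rule next to a check that rejects passwords built on the two base words named above. The minimum length, the substitution table, the function names and the sample passwords are assumptions constructed for illustration.

```python
import re

MIN_LENGTH = 7                               # assumed policy value, not from the article
BANNED_BASE_WORDS = ("password", "welcome")  # the two base words the article names

# Assumed table of common character substitutions, undone before the word check.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "$": "s", "5": "s",
                      "1": "l", "!": "i", "3": "e"})


def passes_complexity(pw: str) -> bool:
    """Simplified complexity rule: minimum length and 3 of 4 character classes."""
    classes = [
        any(c.isupper() for c in pw),
        any(c.islower() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ]
    return len(pw) >= MIN_LENGTH and sum(classes) >= 3


def banned_base_word(pw: str):
    """Return the banned word the password is a variation of, or None."""
    raw = pw.lower()
    # Test the plain lowercase form and the form with substitutions undone.
    for candidate in (raw, raw.translate(LEET)):
        letters = re.sub(r"[^a-z]", "", candidate)  # drop digits and symbols
        for word in BANNED_BASE_WORDS:
            if word in letters:
                return word
    return None


def accept(pw: str) -> bool:
    """Hardened policy: complexity rule AND not a variation of a banned word."""
    return passes_complexity(pw) and banned_base_word(pw) is None


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ["Password1", "P@ssw0rd!", "Welcome2012", "correct-Horse-7battery"]:
        print(f"{pw!r:26} complexity={passes_complexity(pw)!s:5} "
              f"banned={banned_base_word(pw)!s:9} accepted={accept(pw)}")
```

Every sample passes the complexity rule, but only the last one survives the banned-word check.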
Easily guessable or entirely blank passwords were the most common vulnerability Trustwave’s SpiderLabs unit found in its penetration tests last year on clients’ systems. The firm set an assortment of widely available password-cracking tools loose on 2.5 million passwords, and successfully broke more than 200,000 of them.
Verizon came up with similar results in its 2012 Data Breach Investigations Report, one of the security industry’s most comprehensive annual studies. The full report will be released in several months, but Verizon (VZ, Fortune 500) previewed some of its findings at this week’s RSA conference in San Francisco.
Disclaimer: The views expressed on this site are those of the authors and not necessarily those of U.S.S.POST.