We’ll be at Compliance Week National 2024 in Washington, D.C., April 2-4. Learn more or schedule a time to meet with us at the show here.

#Article

Cracking the Code on Workplace Password Protection


Cracking the Code on Workplace Password Protection

Passwords are often overlooked, which is unfortunate because poor password protection is like handing over your house keys to a thief.

Posted by on

Passwords are often overlooked, which is unfortunate because poor workplace password protection is like handing over your house keys to a thief.

In the article from Bloomberg Businessweek, "The Problem With Passwords". The article contains data compiled from Gartner, Forrester, Duo Security, Imperva and LastBit Software, comparing and contrasting different password lengths. The data included in the article also reports that the most common passwords are 123456, password, 12345678, qwerty and abc123.

Poor record-keeping puts you at risk of further cybersecurity incidents.

To start your cybersecurity investigations strong and take better corrective and preventive actions later, you need a streamlined approach to filing incident reports. Download this free cybersecurity incident report template for more consistent, thorough records.


Get My Template

Common Password Problems

Here's some more interesting information from the article:

Time it takes a hacker's computer to randomly guess your password:

  • Length: 6 characters -  Lowercase only: 10 minutes,  Lowercase and Uppercase: 10 hours, Lowercase, Uppercase, Nos. & Symbols: 18 days
  • Length: 7 characters -  Lowercase: 4 hours, Lowercase and Uppercase: 23 days, Lowercase, Uppercase, Nos. & Symbols: 4 years
  • Length: 8 characters - Lowercase: 4 days, Lowercase and Uppercase: 3 years, Lowercase, Uppercase, Nos. & Symbols: 463 years
  • Length: 9 characters - Lowercase: 4 months, Lowercase and Uppercase: 178 years, Lowercase, Uppercase, Nos. & Symbols: 44,530 years

RELATED: Top 20 Tips for Preventing Data Theft

  • Average amount it costs a business to field a phone call requesting a password reset: $10
  • Proportion of help desk calls that are password-related: 30%
  • Users who choose a common word or simple key combination for a password: 50%

Employee Education on Workplace Password Protection

Based on this information, organizations might want to make it mandatory that all employees create a password that's 9 characters long and contains lowercase and uppercase letters, numbers and symbols. You'll probably be safe with one that's 8 characters long, but go with 9 for good measure, because 44,530 years is a pretty long time.

This data tells it like it is and shows you just how quickly computers and other systems with poor passwords can be hacked. You can't afford to have employees make these mistakes within your organization. The information from this article has been printed and hangs in a central location in our office as a reminder for employees.

It might be a good idea for your company to do the same thing. Employees need to be educated about password protection because a password like 12345678 isn't going to cut it when it comes to protecting files containing confidential information.

Hopefully this information serves as a wakeup call for those who don't take time to consider the importance of their password choices - or those who stick to the same password for everything.

RELATED: 11 Cybersecurity Threats (Plus 5 Solutions)