PC Gamer is supported by its audience. When you buy through links on our site, we may earn an affiliate commission. Learn more
By published
Why is it that the people we entrust our livelihoods to can’t even manage the basics?
A recent cybersecurity report shows how immensely idiotic many CEOs and business owners can be, considering the strength of their chosen account passwords. Imagine entrusting the livelihood of hundreds, even thousands of employees to someone who uses ‘123456’ or ‘qwerty’ as a password.
Prepare yourself for a long-ass facepalm, people—this one’s a doozy.
The research comes from NordPass password manager (via IFLScience) which identified back in 2020 that the general public’s most commonly used passwords were sequential numbers like ‘123456’, ‘picture1’, and yep, you guessed it: ‘password’.
The more recent research sample consists of 290 million cybersecurity data breaches around the globe, and denotes the job level of those affected. Turns out, when it comes to CEOs and other high-ranking businesses execs, their password choices are much the same as the general public, although many often feature names. Tiffany was spotted in 100,534 breaches; then there was Charlie with 33,699; Michael was found 10,647 times; and Jordan, 10,472 times.
The report also ranks mythical creatures and animals as some of the top passwords to have been cracked in data breaches. ‘Dragon’ was spotted 11,926 times, and ‘monkey’ comes in at 11,675.
I spoke to IT support engineer Ash Smith, who recommends that companies should consider handing out randomly generated passwords as new accounts are created. «Arguably the strongest passwords are 3 random words, something that you can make a story about in your head to help you remember,» he says.
That’s something we’ve preached in the past, and its something the UK’s National Cyber Security Centre recommends, too.
Best PCIe 4.0 SSD for gaming: the next gen has landed
The best NVMe SSD: slivers of SSD goodness
Best external hard drives: expand your horizons
Best external SSDs: plug-in upgrades for gaming laptops and consoles
Right now, Ash is working on a more complex password generator that encourages story elements to make them more memorable. Imagine getting a password featuring a word combo like SturgeonOfLoathing, ObligingAardvark, or SpellboundFalcon… of course you’re going to remember it.
Using these kinds of generators in business IT department means everyone gets a fun password that’s harder to crack, and because it’s memorable people are less likely to change it to something stupid like ‘dragon’.
The research is pretty worrying, and makes it painfully clear that most data breaches don’t happen because of some profound cyber hacking initiative; around 80% are down to stupid people making stupid-ass passwords (Verizon).
It also makes you wonder… Does the boss even go to those ‘mandatory’ cybersecurity training meetings we get so many emails about?
Screw sports, Katie would rather watch Intel, AMD and Nvidia go at it. She can often be found admiring AI advancements, sighing over semiconductors, or gawping at the latest GPU upgrades. She’s been obsessed with computers and graphics since she was small, and took Game Art and Design up to Masters level at uni. Her thirst for absurd Raspberry Pi projects will never be sated, and she will stop at nothing to spread internet safety awareness—down with the hackers.
Sign up to get the best content of the week, and great gaming deals, as picked by the editors.
Thank you for signing up to PC Gamer. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.
PC Gamer is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.
