Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security
February 19, 2019

Indicators of poor password hygiene exposed

SpyCloud's 2018 Credential Exposure Report details the compromised credentials and personally identifiable information (PII) its team recovered, together with the trends it identified in online security habits and in the kinds of data criminals tend to steal and use.


SpyCloud’s research team recovered 3,457,017,136 exposed sets of online account credentials and PII from 2,882 different sources, many of which were high-profile data breaches that led to credentials going up for sale on dark web forums and marketplaces. Over 2.6 billion of those credential sets included a password.

Based on SpyCloud's analysis of the leaked data, at least 24 percent of users recycled a password, and an overwhelming 90 percent of that segment reused an exact match, identical in spelling, capitalization, special symbols and arrangement. Another 7 percent of those users simply appended one or two digits to the end of their preferred, recycled password. Inadequate password hygiene makes it significantly easier for criminals to carry out credential stuffing and the account takeover (ATO) that follows from it.

“Account takeover facilitated by weak or stolen passwords is still one of the leading causes of fraud today,” said Eric Murphy, vice president of security research at SpyCloud. “Criminals understand how incredibly easy and effective it is to compromise online accounts at scale using software tools freely available for download.”

SpyCloud used its proprietary password cracking technology to recover the plaintext for 87 percent of the password hashes it collected. Of the passwords not already exposed in plain text, 25 percent were hashed with MD5, 22 percent with bcrypt, 17 percent with SHA-1, 10 percent with Snefru-256 and 6 percent with SHA-512.


Among plaintext passwords, the most popular was “123456” (favored by more than 39 million users), while “password” appeared as the ill-advised passcode of choice more than 7 million times. Popular sports and teams, country names and large cities commonly made the list of most used passwords on a geographic basis. Interestingly, “anhyeuem” – Vietnamese for “I love you” – cracked the top 15 most common plaintext passwords.
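The reuse pattern described above (exact matches plus one- or two-digit suffixes) and the most-common-password list suggest a simple defensive control: at password-set time, reject any candidate that equals an exposed password or differs from one only by up to two trailing digits. The following is an added example, not SpyCloud's code or anything from the report; the exposed-password list is a small constructed sample, and the blocklist stores SHA-256 fingerprints rather than plaintext.

```python
import hashlib

# Constructed sample of breach-exposed plaintext passwords (illustrative only;
# these are not values from the SpyCloud data set).
EXPOSED_PLAINTEXT = ["123456", "password", "anhyeuem", "Liverpool", "Sydney2017"]


def fingerprint(password: str) -> str:
    """SHA-256 hex digest, so the blocklist holds no plaintext at rest."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_blocklist(exposed):
    """Fingerprint every exposed password once, at load time."""
    return {fingerprint(p) for p in exposed}


BLOCKLIST = build_blocklist(EXPOSED_PLAINTEXT)


def reuse_variants(candidate: str):
    """Yield the candidate and the forms a recycler could have derived it from.

    The report describes recycled passwords as either an exact match or the
    same string with one or two digits appended, so we peel off up to two
    trailing digits and test each intermediate form against the blocklist.
    """
    yield candidate
    stripped = candidate
    for _ in range(2):
        if not stripped or not stripped[-1].isdigit():
            break
        stripped = stripped[:-1]
        yield stripped


def recycled_from(candidate: str, blocklist=BLOCKLIST):
    """Return the exposed base password the candidate was recycled from, or None."""
    for variant in reuse_variants(candidate):
        if fingerprint(variant) in blocklist:
            return variant
    return None


def is_recycled(candidate: str, blocklist=BLOCKLIST) -> bool:
    """True if the candidate should be rejected as a reused/recycled password."""
    return recycled_from(candidate, blocklist) is not None


if __name__ == "__main__":
    for pw in ["Liverpool1", "12345678", "Liverpool123", "password", "Password"]:
        print(f"{pw!r}: recycled={is_recycled(pw)} base={recycled_from(pw)!r}")
```

Note that "Liverpool123" passes, because three appended digits fall outside the pattern the report measured, and "Password" passes, because the match is on exact spelling and capitalization; widen `reuse_variants` if your own breach data shows other transformations.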

“One of the easiest ways to mitigate account takeovers is to curtail password reuse across multiple accounts and make passwords difficult to steal or bypass,” said Ted Ross, CEO of SpyCloud. “Until we instill security-aware culture within organizations and ensure that individuals are consistently practicing good password hygiene spanning both work and personal accounts, ATO and its harsh consequences will persist.”
