“Password1” is the world’s most used password, PCMag.com recently reported. Can you believe that? Trustwave, security and digital certificate authority, recently highlighted this logic as the biggest security threat in their Global Security Report for 2012.
Why “Password1”? Trustwave says it is the simplest combination satisfying the default Microsoft Active Directory complexity settings. It includes a capital letter, a number and the required number of characters to form a password.
However, Trustwave believes this is only one of several prevalent business security issues. Trustwave’s other key findings included:
• Customer records remained a valuable target for attackers, making up 89% of breached data.
• For the second year, the food and beverage industry made up the highest percentage of investigations at nearly 44%.
• Industries with franchise models are the new cyber targets: more than a third of 2011 investigations occurred in a franchise business.
• In 76% of incident response investigations, a third party responsible for system support, development and/or maintenance of business environments introduced the security deficiencies.
• Law enforcement detected more breaches in 2011 — up from 7% in 2010 to 33% in 2011.
• Data harvesting techniques continued to target data “intransit” within victim environments showing up in 62.5% of 2011 investigations.
• Anti-virus detected less than 12% of the targeted malware samples collected during 2011 investigations.
• For Web-based attacks, SQL injection remains the number one attack method for the fourth year in a row.
Other risks or lapses in logic Trustwave highlighted were setting usernames as passwords, simple numerical changes to passwords and using simple variations to meet complexity requirements “such as capitalising the first letter and adding an exclamation point to the end” of the password.
Often users find it difficult memorising multiple passwords, and frequent required password changes add to employers’ woes. Even companies with good password policies still struggle.