Identity is Security: What’s Your Password?
Thanks to World Password Day, passwords are in the spotlight in this week’s news cycle. You may think the password’s days are numbered, but they’re still a major piece of the cybersecurity puzzle.
Our weekly news recap begins in small-town Virginia. A high-school student got his hands on a password allowing him to view one of the school’s security camera feeds. The school later admitted password protection was inadequate and that they took steps to secure the cameras, but it left parents concerned that others would be able to access the cameras inside the school.
Just yesterday, Twitter announced a platform-wide password exposure. A “bug” was found that exposed user passwords in plaintext, and rather than force a password reset, Twitter simply encouraged users to change their passwords. Given that so many folks practice poor password hygiene and use the same password for Twitter as their work accounts, this exposure could have far-reaching consequences.
That story feeds nicely into the next one: It’s time to Stop it With the Terrible Passwords. PCMag surveyed US consumers, and not-surprisingly, we’re failing at password security. From password reuse to sharing them to using easily crackable ones like their names or birthdays, it’s no wonder so many people are affected in data breaches.
It isn’t just things like “password” and “qwerty” and your cat’s birthday that make a password weak. There are many passwords that are being used en masse. One of those making annual most popular password lists is “dragon,” one of many passwords that could be hacked in a matter of seconds.
This is similar to SailPoint’s own research. As it turns out, even IT leaders are struggling with basic password hygiene. As many as 55% are reusing passwords across multiple accounts, a practice that can have a catastrophic domino effect of consequences in the event of a breach. Our findings are a friendly reminder that it’s not just you and that we are all in this fight together.
Until next week, stay secure!
Editor’s note: At SailPoint, we know that identity is security, so we keep a pulse on what’s happening in cybersecurity every day. This weekly post features some of the biggest stories of the week and ones that may have flown under the radar. Check in each week for a news roundup and share what you’re reading with us by tweeting us at @SailPoint.