HR has the worst password habits

How secure is your password? Clue – not very

HR has the worst password habits

In the 21st century, useless passwords such as “123456” and “password” are still very much in circulation. In fact, they’re two of the most widely used codes among HR professionals, according to a new study looking into security breaches across industries. HR practitioners use “shockingly weak” passwords, research from security specialist NordPass showed. Of course, having to recall a complex alphanumeric string during every login isn’t easy.

Read more: Never recycle old passwords, security experts warn

Owing to the nature of their work, HR practitioners must be mindful of their password hygiene. The codes they create are often the only barrier keeping hackers and identity thieves from stealing corporate data and personal records.

“A weak password of one employee could potentially jeopardise the whole company if an attacker used the breached password to gain access to sensitive data,” added Chad Hammond, security expert at NordPass. On top of that, data breaches cost businesses nearly US$4m on average. It may be a simple error but it’s one with a heavy price tag.

Which passwords used by HR are the worst?

  1. password
  2. Kenzie14
  3. Company name123*
  4. Company name1234*
  5. welcome1
  6. 123456
  7. Company name*
  8. linkedin
  9. scooter
  10. Password

Read more: A single email could be ‘catastrophic’ for your company

How can HR improve their password habits?

  • Create complex and unique passwords.
  • Update them regularly and store them in a password manager.
  • Use multi-factor authentication or single sign-on.
  • Educate your employees on password hygiene and potential risks.

“It’s important to note that employees should avoid mixing their work and personal accounts. This ensures that your personal identity is not only protected, but also any information related to your employer is safeguarded in the event of a breach,” analysts said. “Consumer-facing breaches can extend beyond personal accounts, potentially exposing the enterprise as well. Data breaches like this can create a domino effect across multiple organisations through the reuse of credentials across personal and business accounts.”

Recent articles & video

Quebec launches construction camps to address labour shortage

IRCC implementing stricter rules for intra-company transferees

Mental health benefits essential to job satisfaction: survey

Worst of deepfake threats 'yet to come'

Most Read Articles

Ex-VP keeps business documents of former employer, starts new company

Update on Phoenix pay system: Ottawa tests out Dayforce system

DoorDash imposing 'regulatory response fee' after changes to gig work rules in B.C.