Passwords. It’s hard to believe, but Verizon’s Data Breach Investigations Report (DBIR) found that 81% of data breaches are still caused by weak, reused, and compromised passwords. A separate investigation spearheaded by WatchGuard, a network security company, succeeded in cracking 355,000 government and military passwords in only 2 days. Common and predictable passwords such as “12345” are to blame.

Data Breach Case

The habitual use of weak passwords is not exclusive to the government sector. Sony Pictures had an unfortunate dalliance with cyberattacks in 2014, thanks (allegedly) to the North Korean government. The perpetrator launched an aggressive all-out hack on the US entertainment company when it refused the demand to withdraw The Interview. Chaos ensued: copies of internal e-mails between employees, unreleased films, plans for future films, personal information about employees, and more were leaked.

The fiasco raised concerns about the existing cybersecurity infrastructure of Sony Pictures. The most notable outcome, however, is probably the financial loss: it cost the company USD 35 million in IT repairs.

What likely caused this? As you have probably guessed, weak passwords. Dump files collected from the incident revealed that employees at Sony Pictures used passwords such as “password” and “s0ny123”. The human factor plays a key role in preventing data breaches, and the lack of preparedness reared its ugly head in the Sony Pictures hack.

Worryingly, this trend of weak passwords persists. A study by Key Security found that people continue to use weak passwords and that “123456” was the most popular password in 2016. An online security survey by Google found that 65% of users use the same password for multiple accounts. Reusing the same password is a ticking time bomb for users who indulge in the practice.

End Weak Passwords For Good

How strong is your password? This interactive tool by BetterBuys gives you a reality check.

Weak passwords pose a danger to an organization. Financial loss is regrettable, but a damaged reputation is probably the worst outcome. To prevent data breaches, good password practices should be considered.

Avoid Periodic Changes

We are often advised to change our passwords every 60 to 90 days. Repeated password changes make things harder for cybercriminals but, unfortunately, they also strain users’ memory. Therefore, IT cybersecurity specialists should advise employees to change their passwords only when there is a potential risk.

Create Password Blacklist

Research a list of common passwords used by online users and use it as a blacklist to prohibit employees from using them. Hackers usually gain access by trying common passwords, so we need to outsmart them. Continuous review of the blacklist ensures no weak passwords are used.
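A blacklist only works if simple disguises are undone before the comparison. The following is an added example, not part of the original article: the blacklist entries are the passwords quoted above, while the banned organisation term, the substitution table and the function names are assumptions made for illustration.

```python
import re

# Constructed sample blacklist: the common passwords quoted in this article.
COMMON_PASSWORDS = {"12345", "123456", "password"}
# Assumption: the organisation bans its own name inside passwords.
CONTEXT_TERMS = {"sony"}

# Undo frequent character substitutions (illustrative table; "1" can stand
# for "l" or "i", only one mapping is used here).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def normalize(password):
    """Lowercase, drop trailing digits/symbols, then undo substitutions."""
    stem = re.sub(r"[\d\W_]+$", "", password.lower())  # "s0ny123" -> "s0ny"
    return stem.translate(LEET)                         # "s0ny"    -> "sony"


def check_password(password):
    """Return the reasons a password is rejected; an empty list means accepted."""
    lowered = password.lower()
    # Compare the raw form and both de-obfuscated forms against the lists.
    candidates = {lowered, lowered.translate(LEET), normalize(password)}
    reasons = []
    if candidates & COMMON_PASSWORDS:
        reasons.append("common password")
    if any(term in c for c in candidates for term in CONTEXT_TERMS):
        reasons.append("contains organisation name")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["password", "P@ssw0rd1", "s0ny123", "correct horse battery staple"]:
        print(f"{pw!r}: {check_password(pw) or 'accepted'}")
```

Running the check when a password is set or changed, and re-running it over existing policy whenever the blacklist is updated, matches the continuous review described above.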

Authorize Two-Factor Authentication

Passwords alone may not be sufficient. Two-factor authentication can reinforce access management to corporate servers. Additional codes are delivered to users’ smartphones to confirm their identities. This type of authentication helps to enhance identity verification for employees.


Passwords may seem trivial to some, but they are the gatekeepers of data security for individuals and organizations alike. They are arguably the first line of defense against cyberattacks, so one should take passwords seriously. Prevention is better than cure: a strong password can prevent incidents of identity theft, data breaches, and others that scream tragedy.