Your health care CEO probably has a stupid password

Health care is one of the top targets of hackers worldwide, yet CEOs continue to use passwords that are easy to hack, putting the entire organization at risk

A study by NordPass shows that health care is the fourth-most breached industry by cybercriminals, yet health care executives may be contributing to the problem with poor passwords.

Business owners, CEOs, and other C-level executives most popular password is “123456.” This is part of an overall trend by executives across all industries that tend to use easily hackable passwords that mainly include sequence combinations of number or letters.

These include but are not limited to “1q2w3e,” “12345,” “11111,” and “qwerty.” The winner in all categories remains “123456” (used over 1.1 million times), with the password “password” (used over 700 thousand times) coming in second.

Research suggests that top-level executives also extensively use names or mythical creatures as an inspiration when creating passwords. Among the most popular are “dragon” and “monkey.” The most widely chosen names used in passwords are “Tiffany,” “Charlie,” “Michael,” and “Jordan,” which may or may not hint at the legendary basketball player. The complete list can be found here.

Here are the five of the 10 most common passwords among the healthcare sector’s employees (the other five are the person’s company name or company name with the year):

  1. 123456
  2. password
  3. aaron431
  4. 12345
  5. pass1

NordPass researchers point out that high-ranking executives make the same password mistakes as the average internet user. For example, “123456” and “123456789” rank in the top five among both audiences. This significantly increases the risks of cyberattacks at both the person and company level.

“It is unbelievable how similar we all think, and this research simply confirms that — what we might consider being very original, in fact, can place us in the list of most common,” said Jonas Karklys, the CEO of NordPass in a statement. “Everyone from gamer teenagers to company owners are targets of cybercrimes, and the only difference is that business entities, as a rule, pay a higher price for their unawareness.”

Tips to ensure your passwords are safe

According to Karklys, people can avoid many data breaches by following simple steps to improve password security:

  1. Deploy a password manager. Password managers allow you to store all the passwords in end-to-end encrypted digital storage locked with a single keyword for the most convenience. Most password managers have additional features to check passwords’ strength and automatically generate unique passwords. For organizations, they can come in handy when sharing passwords with employees or managing their access.
  2. Introduce cybersecurity training. Since simple human mistakes remain the leading cause of data breaches, it is worth investing in cybersecurity training sessions for employees. Starting from the basics might be a good idea given that people have different technology background levels.
  3. Enable multi-factor authentication. Known as MFA, it serves as an extra layer of security. It is an authentication method that uses two or more mechanisms to validate the user’s identity – these can be separate apps, security keys, devices, or biometric data.