The healthcare sector’s employees, working for the world’s richest companies, use poor passwords to secure business accounts, reveals new research by NordPass. While cybersecurity experts repeatedly urge businesses to take better care of corporate accounts, passwords such as “123456,” “password,” and “12345” still make it to the top of the healthcare industry’s list.
These are the 10 most used passwords in the healthcare sector.
- 123456
- password
- part of the company’s name*
- 12345
- aaron431
- part of the company’s name2012*
- Part of the company’s name*
- PART OF THE COMPANY’S NAME443*
- company name2014*
The current recommendation for strong passwords is now at least 15 characters, with requirements of upper-case and lower-case letters, numbers, symbols.
Although NordPass looks at the change in internet users’ password habits year-round, this year, the company specifically investigated passwords that employees of the world’s biggest companies from 31 countries use to secure business accounts. The researchers compiled 20 industry-specific passwords lists.
“On one hand, it is a paradox that the wealthiest companies on the planet with financial resources to invest in cybersecurity fall into the poor password trap. On the other hand, it is only natural because internet users have deep-rooted unhealthy password habits. This research once again proves that we should all speed up in transitioning to alternative online authentication solutions,” says Karolis Arbaciauskas, the head of business development for NordPass.
“Password,” “Med,” and other questionable passwords
According to the study, the passwords “password” and “123456,” which shared the top two spots in last year’s list of the world’s most common passwords, are also popular among the largest companies’ employees. Across all 20 analyzed industries, both of these passwords were found to be among the seven most commonly used passwords. The word “password” was the number 2 most trending pick among the healthcare sector’s employees and “123456” ranked first.
People working for corporations in the healthcare field often picked “Med” for their passwords. Other industries were also creative. The password “dummies” ranks 6th among consumer goods sector employees, “sexy4sho”—16th among real estate employees, and “snowman”—1th in the energy field.
Common inspiration for passwords
Dictionary words, names of people and countries, and simple combinations of numbers, letters, and symbols make up most passwords presented in the research.
However, the remaining 32% indicate another interesting trend. The world’s wealthiest companies’ employees love passwords that directly reference or hint at the name of a specific company. The full company name, the company’s email domain, part of the company’s name, an abbreviation of the company name, and the company product or subsidiary name are common sources of inspiration. These passwords make up half of the healthcare sector’s list.
“These types of passwords are both poor and dangerous to use. When breaking into company accounts, hackers try all the password combinations referencing a company because they are aware of how common they are. Employees often avoid creating complicated passwords, especially for shared accounts. Therefore, they end up choosing something as basic as the company’s name,” says Arbaciauskas.
“While password trends slightly vary each year across different audiences, the general take is that people continuously fail with their password management, and the world desperately needs to switch to new online authentication solutions such as passkeys,” says Arbaciauskas.
Various businesses such as Google, Microsoft, Apple, PayPal, KAYAK, and eBay have already adopted passkey technology and are offering their users passwordless login. According to Arbaciauskas, soon other online companies will start following this trend. Therefore, NordPass has developed a solution to create, store, manage, and share passkeys.
*This password is directly referencing a company. NordPass is not naming the exact business. It notes the format in which this password was used, for example, the abbreviation of the company’s name, part of the name, or the name combined with other words or symbols.
