Colin-on-Cars – Auto industry lags in password security

The auto industry is a haven for innovative design, technological breakthroughs – and some of weakest passwords on company computers.

Automotive industry employees use shockingly weak passwords, according to new research by  NordPass’s. This alarms security experts, as weak passwords make it very easy for hackers to access accounts.

Here are the top 10 passwords in automotive industry:

  1. 123456
  2. password
  3. aaron431
  4. Company name2002*
  5. 12345
  6. 123456789
  7. default
  8. penispenis
  9. 1234
  10. Company name*

* This password is a company name or a variation of it (e.g. Company name2002). We are not naming the exact company.

young focused woman writing in planner while using laptop
Photo by Liza Summer on Pexels.com

The researchers analysed data from public third-party breaches that affected Fortune 500 companies. In total, the analysed data included 15 603 438 breaches and was categorised into 17 different industries. The researchers looked into the top 10 passwords used in each industry, the percentile of unique passwords and the number of data breaches affecting each industry.

Simple passwords are very dangerous to all users, but businesses and their employees need to take extra care when it comes to cybersecurity.

For example, back in February, a water treatment facility in Florida had a serious computer breach. The company used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees. And in December 2020, SolarWinds suffered from a big data breach, reportedly due to protecting one of their servers with the password ‘solarwinds123’.

“Businesses and their employees have a duty to protect their customers’ data. A weak password of one employee could potentially jeopardize the whole company if an attacker used the breached password to gain access to sensitive data,” says Chad Hammond, security expert at NordPass.

unrecognizable hacker with smartphone typing on laptop at desk
Photo by Sora Shimazaki on Pexels.com

According to an IBM report, an average global cost of a data breach is $3,86-million. However, a data breach in the healthcare industry costs much more — $7,13-million. And out of all countries, data breaches in US-based companies are the most expensive — $8,64-million.

According to Statista, the cost consists of things such as: lost business resulting from diminished trust or confidence of customers; costs related to detection, escalation, and notification of the breach; ex-post response activities, such as credit report monitoring.

In addition to that, counties in the European Union face GDPR fines, which are maximum €20-million or 4% of the annual global turnover, whichever is greater.

How can businesses increase their password hygiene?

1. Create complex and unique passwords, update them regularly, and store them in a password manager.

Adopting a password manager for company-wide use is your best bet to maintain the security of your business accounts. A password management solution provides a secure way to store, share, and manage passwords in a single place.

2. Use multi-factor authentication or single sign-on

Companies should use multi-factor authentication where available for an added layer of security. Another great idea is to leverage single sign-on and password synchronization. With single sign-on, employees are less likely to revert to bad password practices, such as creating common passwords or writing them down.

3. Educate your employees on password hygiene and potential risks

It’s important to note that employees should avoid mixing their work and personal accounts. This ensures that your personal identity is not only protected, but also any information related to your employer is safeguarded in the event of a breach.

Consumer-facing breaches can extend beyond personal accounts, potentially exposing the enterprise as well. Data breaches like this can create a domino effect across multiple organizations through the reuse of credentials across personal and business accounts.

Methodology: The list of passwords was compiled in partnership with a third-party company specialising in data breach research. They analysed data from public third-party breaches that affected Fortune 500 companies. In total, the analysed data included 15 603 438 breaches and was categorised into 17 different industries. The researchers looked into the top 10 passwords used in each industry, the percentile of unique passwords, and the number of data breaches affecting each industry.

Leave a Reply