How strong are your passwords?

General | March 20, 2019 | 2 min read

If you’re in IT, you likely know that you should never use weak passwords to secure your business accounts. However, with the average business user using around 191 passwords, the battle was lost 100 passwords ago. Users cope with their password-saturated lives by using weak, easy-to-remember passwords, which poses a serious threat to your organization’s security.

Five facts about weak passwords

  1. As of the second quarter of 2018, 28 percent of ransomware attacks are due to weak passwords.

  2. According to research by WordPress on millions of stolen passwords, the average time taken to crack a C-level executive’s password at Google, Microsoft, and other top companies was just 22 seconds.

  3. According to the password-management company Splashdata, 10 percent of people have used at least one of the 25 worst passwords on the 2018 list.

  4. The 2018 Data Breach Investigations Report from Verizon states that 81 percent of breaches were caused by weak and compromised passwords.

  5. Also, consider this: over 80 percent of people admit to using the same password across multiple accounts.

Never compromise on security

When an employee uses a weak password for a business account, they put the entire organization at risk by exposing the network to the outside world. Once a hacker cracks this password, they can misuse the user’s identity, take full control of the accessible network resources, gradually try to breach accounts with higher privileges, and much more.

Now that we’ve established that the threat of weak passwords is real, the next step is figuring out the best way to mitigate it. Introducing the free Weak Password User Report tool, which helps admins find users with weak passwords. It scours the entire domain for weak passwords by comparing users’ passwords against a list of commonly used passwords. The tool then generates a detailed list of users with weak passwords.



Make better password policy rules

With this free tool, admins can view a list of user accounts that are utilizing weak passwords. What’s the next step? You must ensure that users use strong passwords for all their accounts. This is where ADSelfService Plus’ password policy enforcer comes in handy. It allows admins to enforce custom password policies that block dictionary words, patterns, and palindromes, and it utilizes other advanced techniques as well.

Stay on your toes!

To protect your organization from hackers and their constantly-evolving methods of attacks, it’s vital to create new password policies and update them as needed. ADSelfService Plus helps you create strong password policy controls for Active Directory and enterprise applications to keep prying eyes out of your employees’ accounts.

Want to explore more? Go ahead and try ADSelfService Plus free for 30 days to see all these features in action yourself!