The Importance of a Strong and Secure Password - Grace Hill

The Importance of a Strong and Secure Password

Posted on September 15, 2022 by Stephanie Anderson

Man sitting at laptop with a lock graphic overlay reflecting cyber security

You may think that having a strong, secure password for your online accounts is obvious, but not everyone follows cybersecurity guidelines when it comes to creating passwords. Every year, research firms collect data on the most commonly used passwords. And year after year the data show that, in general, people are using the same weak, easy-to-crack passwords. To make matters worse, 45% of people do not consider password reuse to be a serious problem (InfoSecurity Magazine, 2020).

Findings from this year continue to be released and sadly it’s the same story!  In fact, “51% of people use the same passwords for both work and personal accounts“(DataProt, 2022). 

Here you can see the top 10 most commonly used passwords in the United States in 2021. Researchers also calculate how long each password takes to crack. All of these can be cracked in less than a second.

Rank Password
1 123456
2 password
3 12345
4 123456789
5 password1
6 abc123
7 12345678
8 qwerty
9 1111
10 1234567

Why is this important?

Because poor password hygiene habits make it easier for criminals to commit cybercrimes, leaving residents, employees, and yourself at risk.

  1. Most data breaches involve the use, or misuse of weak, stolen, or default passwords. 
  2. In recent years there has been an increase in cyberattack methods called ‘credential phishing and credential stuffing’. This is when criminals trick people, using in a phishing email, into revealing their account log in information. These log in credentials are often sold to other criminals who use special software to try thousands of “matches” at a time; cross-referencing the stolen usernames, login IDs, and passwords that work on one website with other websites. When they find a match—meaning the victim’s username and password from site A are the same ones they use on site B—criminals can use that information to steal money and more identifying information.
  3. This strategy works because the vast majority of people—up to 83% according to recent research—use the same password for more than one account. This is a hacker’s dream scenario. All they need is one password and they can access all of that person’s accounts. If we continue to use the same login and password for multiple sites, credential stuffing will continue to be an issue.

  What can you do?

  1. Use the longest password or passphrase allowable by each password system. Every character you add makes your password that much more difficult to crack. Many computers now have password generators that can help you come up with complex passwords, and store them safely.
  2. Always use different strong and secure passwords for different accounts and devices so that if attackers do guess or steal one password, they will not have access to all of your accounts.
  3. Don’t use personal information (e.g., pet’s names, birthdates, anniversaries), dictionary words, or system defaults as your password. They are way too easy for criminals to crack.
  4. Sharing too much information on social media can allow attackers to guess passwords (if they have been based on personal information) or extract a company’s confidential information through posts by employees.
  5. Use a password manager to keep all of your long, complex passwords secure.

Are your teams prepared for a cyber attack?

Passwords are the first line of defense against cybercriminals who are trying to steal your personally identifiable information. The strong and secure your passwords are, the more protected you’ll be. To learn about this and other ways to avoid being the victim of online crime, learn about Grace Hill’s cybersecurity training series and policy management solutions.      

Stephanie is the Senior Director of Communications and Social Media at Grace Hill and has over 17 years of property management experience. She is a leader in multifamily, bringing a unique 360-perspective gained from her previous roles as an operator, a nonprofit association manager, and a supplier partner. Stephanie brings a wealth of knowledge specializing in industry trends, creative marketing, and employee engagement. Stephanie is a certified facilitator through NAA Education Institute (NAEEI) and was awarded Designate of the Year in 2015 and CAM of the Year in 2013. She is a powerhouse speaker who motivates others and disrupts the status quo with out-of-the-box ideas and trends. Stephanie graduated from Virginia Commonwealth University, majoring in English Literature and Women’s Studies. She also holds a Virginia Real Estate License and is a certified Mental Health First Aid Trainer. Stephanie is a proud graduate of NAA’s Leadership Lyceum and passionate about promoting awareness of human trafficking in rental housing. Learn more about Stephanie Anderson’s background and experience on her LinkedIn page.

Learn More About The Author

Posted in ,
Scroll to Top