Even though policies may be in place when it comes to password usage in the workplace, they haven't had much of an effect on their strength, according to a recent study.
Trustwave's “2014 Business Password Analysis” indicates that strong authentication policies have yet to be implemented at organizations.
After cracking 92 percent of a sample of 626,718 passwords researchers at Trustwave collected from penetration tests performed in 2013 and 2014, more than half were easily cracked by using a simple dictionary attack. The findings indicate that “Password1” was the most commonly used password, while “Hello 123” and “password” came in second and third on the list.
The analysis revealed that password length hadn't changed much since last year's findings and the most common character type and combination were a “sequence of six lowercase letters followed by two numbers.”