The Gawker Leak: How to Protect Your Business From Poor Password Choices

Last Updated Dec 16, 2010 11:16 AM EST

The recent hack attack on Gawker Web sites (which include Gizmodo and Lifehacker, among others) is proof positive of an inconvenient truth: people suck at creating secure passwords.

Not you, of course. As a regular Business Hacks reader, you're smarter than that. But what about your employees? Their poor password choices could turn into your security headache.

Check it out. Of the 188,000-plus passwords that were stolen, these were the top five:
  1. 123456
  2. password
  3. 12345678
  4. lifehack
  5. qwerty
Now, if one of your employees uses a similarly useless password to access, say, the company intranet, guess what: now that hacked password is out in the wild. (Admittedly, a hacker would just try these anyway, but the stolen data also included names tied to those passwords, along with other personal info.)

Sadly, none of this is new. Back in January, some 32 million passwords were stolen and analyzed, and the results were virtually identical: "123456" was the most common. The Gawker breach suggests that one year later, people are no smarter about password selection.

So, what can you do about all this? When it comes to your own online activities, follow the same rules we've advised for years: choose secure passwords, change them often, use different passwords on different sites, and consider adopting a password-management utility like LastPass.

As for your employees, educate them! They need to understand why this matters. Create password policies that everyone needs to follow. Make the first Monday of every month "Change Your Password Day." That kind of thing. It's not enough to hope that your workers are smart enough to make smart password choices. (Let's be honest: they're not.)
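One way to enforce such a policy rather than hope for it is to screen passwords when they are set. The following is an added example, not part of the original article: it rejects the five passwords listed above, lightly disguised variants of them, and passwords built from a company or site name. The function names, the 12-character minimum, and the substitution table are assumptions made for illustration.

```python
# Added example: screen a new password against the article's top-five list.
COMMON_PASSWORDS = {"123456", "password", "12345678", "lifehack", "qwerty"}

# Digits and symbols users bolt onto the ends of a weak password (assumed set).
DECORATION = "0123456789!@#$%^&*._-"

# Character swaps used to disguise a common word (assumed set):
# @->a 4->a 3->e 1->i 0->o $->s 5->s !->i 7->t
SUBSTITUTIONS = str.maketrans("@4310$5!7", "aaeiossit")


def is_run(text):
    """True for ascending or descending runs such as 123456 or fedcba."""
    steps = {ord(b) - ord(a) for a, b in zip(text, text[1:])}
    return len(text) >= 4 and steps in ({1}, {-1})


def screen_password(password, context_words=(), min_length=12):
    """Return a list of policy violations; an empty list means accepted.

    context_words holds names an attacker would guess first, such as the
    company, site, or user name. min_length=12 is an assumed policy value.
    """
    problems = []
    if len(password) < min_length:
        problems.append("too short")

    lowered = password.lower()
    core = lowered.strip(DECORATION)  # "lifehack2010" -> "lifehack"
    candidates = {
        lowered,
        core,
        lowered.translate(SUBSTITUTIONS),
        core.translate(SUBSTITUTIONS),  # "p@ssw0rd" -> "password"
    }
    if candidates & COMMON_PASSWORDS:
        problems.append("common password")

    for word in context_words:
        w = word.lower()
        if len(w) >= 3 and any(w in c for c in candidates):
            problems.append(f"contains '{w}'")

    if is_run(lowered):
        problems.append("sequential run")
    return problems
```

In practice the five-entry set would be replaced by a much larger list of known-compromised passwords; the screening logic stays the same.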

Rick Broida, a technology writer for more than 20 years, is the author of more than a dozen books. In addition to writing CNET's The Cheapskate blog, he contributes to CNET's iPhone Atlas.
