Watch CBSN Live

The Gawker Leak: How to Protect Your Business From Poor Password Choices

The recent hack attack on Gawker Web sites (which include Gizmodo and Lifehacker, among others) is proof positive of an inconvenient truth: people suck at creating secure passwords.

Not you, of course. As a regular Business Hacks reader, you're smarter than that. But what about your employees? Their poor password choices could turn into your security headache.

Check it out. Of the 188,000-plus passwords that were stolen, these were the top five:

  1. 123456
  2. password
  3. 12345678
  4. lifehack
  5. qwerty
Now, if one of your employees uses a similarly useless password to access, say, the company intranet, guess what: now that hacked password is out in the wild. (Admittedly, a hacker would just try these anyway, but the stolen data also included names tied to those passwords, along with other personal info.)

Sadly, none of this is new. Back in January, some 32 million passwords were stolen and analyzed, and the results were virtually identical: "123456" was the most common. The Gawker breach suggests that one year later, people are no smarter about password selection.

So, what can you do about all this? When it comes to your own online activities, follow the same rules we've advised for years: choose secure passwords, change them often, use different passwords on different sites, and consider adopting a password-management utility like LastPass.

As for your employees, educate them! It's important that they know how important this is. Create password policies that everyone needs to follow. Make the first Monday of every month "Change Your Password Day." That kind of thing. It's not enough to hope that your workers are smart enough to make smart password choices. (Let's be honest: they're not.)

Want to learn more? We have a treasure-trove of useful advice on the subject:

View CBS News In