When you think of government institutions you’d expect that everything is pretty reglemented and has its order. Things are strict and security is a must. After all, it’s the government and there is probably confidential stuff that should better not fall into the wrong hands.
A security audit from the Western Australia government showed that pretty much the opposite is true – at least when it comes to password security. Why you ask? Well of 234,000 accounts 26% (60,000) had weak or commonly used passwords.
Password laziness is an issue
While weak passwords are sadly common everywhere – even if it was never easier to create and remember complex and more secure password thanks to password managers – what the West Australia government exposed is really shocking: almost 1500 individuals used “Password124” to protect their PC and the data on it. But wait, that’s not all. 813 people used “Password1” and 184 “Password”. Wow – do people still think that those words are actually secure?
Using such passwords in private is not advised. Using them for work – especially in a government position – could lead to security issues with huge consequences. Just imagine the data that cybercriminals could gain access to. Even worse: Some employees were storing further passwords in Word documents or spreadsheets.
What’s so bad about a weak password?
As mentioned before: Normally a weak password means that someone could access your data. Depending on how often you use the same password and what kind of data you store, this could lead to cybercriminals gaining access to everything: from just a few personal information to your whole world including your banking account data.
For government agencies the risks are a lot bigger. Just imagine someone managing to get the user data for state secrets. Or nuclear codes … Yes – that would not be good.
Help is needed
It is obvious that a lot of people are overburdened with the task of finding a secure password. While the government promised to help this is only a drop in the ocean. The issue goes way further than just West Australia: According to Verizon’s Data Breach Investigations report, 81% of hacking-related breaches happened because of stolen and/or weak passwords.
While education in password security is sorely needed everywhere there is at least one solution that can be taken advantage off and that can help even if you do not know what a secure password should look like: Password managers make sure your password is complex enough and store it safely in an encrypted database. Get one if you don’t use it yet and tell your family and friends to do so as well.
