Compromised password credential security is one of the leading causes of ransomware and cyber security attacks. In fact, over 80% of hacking-related data breaches are caused by weak or stolen passwords!
Many employees tend to use shorter, easy-to-remember passwords. At least 51% of employees re-use the same password across multiple accounts, and some even use the same login information for both personal and work-related accounts. And while there are many steps that companies can take to keep their credentials off the dark web—such as requiring unique, strong passwords, and training their employees on best practices—credential security breaches still happen.
Today’s hackers are greedy and relentless, attacking an average of 2,244 times per day. That’s once every 39 seconds! If your passwords have been compromised, you don’t have long before hackers begin trying to exploit them.
Where Do Hackers Get Passwords From?
Phishing is one of the oldest forms of cyberattacks, and it’s also one of the most common ways for hackers to gain login credentials. Over 80% of cyberattacks are related to phishing! During a phishing attack, a hacker sends a legitimate-looking email asking their victim to log into a site or provide them with sensitive information. Hackers go to great lengths to make their emails look real, including using company logos and names.
For example, a hacker may compose an email mimicking a popular social media site, prompting victims to re-enter their login information to “preserve the security of their account”. However, instead of logging into the social media site, readers are entering their login information into the hacker’s database. And since many people reuse their passwords across multiple accounts, well—you can see where this is going.
How Long Do I Have if My Credentials Are Compromised?
Cybersecurity researchers ran an experiment to test how quickly hackers test out credentials. They found that at least 50% of accounts were accessed within 12 hours of receiving the credentials, while 20% were accessed within an hour and 40% within just six hours.
How to Keep Your Credentials Safe
Wondering how to keep your login information secure and out of the hands of hackers? Here are some tips:
- Turn on multi-factor authentication wherever possible. This is one of the best ways to prevent unauthorized access to your accounts.
- Never log in to a site from an email link. If you receive an email prompting you to change your password or log in, go directly to the site in your browser.
- Upgrade to an advanced email filtering solution such as Microsoft Defender for Office 365.
- Upgrade to a next-generation antivirus software for your computer, such as SentinelOne.