Real World Risk Management Practical HR Resources
Are you a new user?


Lax Password Practices Continue To Put Employers At Risk

A recent survey by NordPass, a password management company, found that less than one-third of users observe best practices to create secure passwords.

The survey, which included over 2000 adults in the U.S. and Germany, found that 50 percent report using personal information as part of their password. Just 27 percent of women and 31 percent of men choose random words, numbers, and symbols.

The survey found many continue to use bad password habits, including using family names, dates, and numbers (29 percent of women and 25 percent of men); using words related to work or their profession (10 percent of women and 19 percent of men); and using pet names, days, and numbers (24 percent of women and 19 percent of men).

Just as risky as creating a weak password, says a NordPass security expert, is reusing a password for multiple accounts. Lance Whitney "How people concoct their passwords, and why they often stink" (Sep. 29, 2021).


Compromised sign-on credentials is a systems security risk that employers cannot ignore. The Verizon 2021 Data Breach Investigation Report found that 61 percent of breaches are associated with hacked usernames and passwords.

It is important that users recognize the need to follow both of the key secure password best practices noted in the above article - creating complex passwords and refraining from reusing passwords - in order to maintain secure sign-on credentials.

Employers must make certain employee training on password security best practices is conducted on a regular and ongoing basis. During on-boarding, employers must stress the need for strong passwords.

Finally, your opinion is important to us. Please complete the opinion survey:

Why Your Access Control Policy May Be Your Most Important Cyber Policy

The FBI says an employee of a tech firm is the perpetrator of its recent systems hack and ransom plot. Read how your system access controls can help prevent the inside cyber risk.

read more

Why A Balanced Approach Of Response And Preparation Is Needed For Data Security

A recent study found that IT personnel recognize how proactive risk assessment steps can minimize damage from a systems breach. However, do they have the time? Learn more.

read more

Checking For Skimmers: A Day-To-Day Security Task

Performing visual and physical security checks can help you spot credit card skimmers. Learn more about this identity theft risk.

read more

Online Account Takeover Fraud Spiking: Are Unique And Strong Passwords The Answer?

Account takeover fraud is on the rise. Read ways to protect yourself from this form of identity theft.

read more