Making the Case for Password Reset Software: The 25 World’s Worst Passwords

Password reset software rules.

Those who believe Oscar Wilde’s statement that “Art imitates life” need look no further than Mel Brooks’ futuristic comedy classic, Spaceballs (one of my favorite comedic classics of all time), to acknowledge the need for password reset software.

At one point in the film, the movie’s villain, “Dark Helmet,” uses coercion to obtain a guarded combination, but he is amazed at the near foolhardy simplicity of it, noting incredulously, “So the combination is… one, two, three, four, five? That’s the stupidest combination I’ve ever heard in my life! That’s the kind of thing an idiot would have on his luggage!”

While this simplicity is obviously invoked for comedic effect, the sad part is that many people do not attempt to choose a much more difficult password. In fact, a recent study of the world’s worst passwords showed some passwords are even worse than that which “an idiot would have on his luggage.” They are:

  1. password
  2. 123456
  3. 12345678
  4. abc123
  5. qwerty
  6. monkey
  7. letmein
  8. dragon
  9. 111111
  10. baseball
  11. iloveyou
  12. trustno1
  13. 1234567
  14. sunshine
  15. master
  16. 123123
  17. welcome
  18. shadow
  19. ashley
  20. football
  21. jesus
  22. michael
  23. ninja
  24. mustang
  25. password1

Simplistic passwords scream out the need for automated password reset software and enterprise password management. With all of the passwords people now need — for home computers, work computers, cell phones, ATM codes, web sites and e-commerce web sites — many people opt for extremely weak, easily hacked passwords to avoid forgetting them.

Insisting on more complicated passwords in the workplace, though, can be costly. It is a well-documented fact that one of the largest corporate overheads today is the cost of user calls to the help desk to reset employee passwords or unlock accounts due to forgotten passwords.

Companies should not need to weigh the cost of their help desks constantly having to invoke active directory password reset management versus exposing their data to potential cyber security threats. Rather, they should employ solutions for enterprise password management that can perform a self-service password reset, meaning there is no need for employees to call their help desks and wait for a technician to reset their passwords, a costly process that can take a long time.

And the benefits of password reset software with automated password reset tools go beyond the mere off-loading of the help desk. Their benefits:

  • Improve Security: Studies have repeatedly shown that 70-80% of all network damage is done by users who are already inside the firewall. Automated password reset tools prevent the use of vulnerable passwords on a network, which eliminates the threat of a compromised account being exploited.
  • Protect Networks on a Consistent Basis: Passwords are proactively screened at the time they are changed and when new users are created. Furthermore, these tools provide additional password policy rules not found in the native operating system, which allow administrators to harden password choices.
  • Grant Enterprise Protection: Provides immediate password strength and cross-platform support.
  • Increase Rapid Return on Investment: Preventing even the most minor network compromise will immediately result in savings that offset the cost of not only the password management system, but also the constant need to audit and discipline users who use weak passwords.
  • Reduce Total Cost of Ownership: Eliminates the cost, time and support overhead by managing passwords at the domain controller.
  • Enforce Strong Password Policies: Extends existing security policies by allowing administrators to establish stronger password policies that:
    • Reject passwords that contain common words using language specific dictionaries
    • Reject passwords that contain proper names using a 4,000 name wordlist
    • Enforce additional custom wordlists with wildcard support
    • Enforce the use of upper and lower case characters (mixed case)
    • Enforce the use and position of special characters
    • Enforce the use and position of numeric characters
    • Reject passwords that contain palindromes
    • Enforce password length: minimum and maximum
    • Reject passwords with repeating sequences or characters
    • Exclude username and full name
    • Support password history without creating a database of all prior user passwords
  • Automatically Apply Password Policies: Allows administrators to automatically generate publishable policies and requirements as well as other necessary tasks including:
    • Create unlimited number of password policies
    • Apply password policies to one or more connectors such as AD, SAP and Oracle
    • Apply password policies to domains, groups or individual users
    • Apply password policies to connectors or connector groups
  • Decrease Frustration: Eases the user community into the routine of selecting secure passwords, while eliminating the individual conflicts with those who have repeatedly struggled to follow the written corporate policy.
  • Overcome Human Nature: Rather than letting users trade network security for convenience by choosing simple and easy-to-remember passwords, an automated password reset tool takes decisions about cyber security out of the hands of business users, and puts them back in the hands of security management.
  • Make Network Security a Priority For Everyone: Protects the investment that organizations spend on securing the perimeter of their networks by requiring the cooperation of everyone from the CEO to the temporary employee.
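
Several of the policy rules listed above (dictionary words, username and full-name exclusion, mixed case, digits and special characters, length, repeats, palindromes) can be screened when a password is changed, as in the sketch below. This is an added example, not Avatier's code: the function names, the thresholds and the use of the 25 listed passwords as the dictionary are assumptions, and it does not cover character-position rules, wildcard wordlists or password history.

```python
import re

# Deny-list dictionary: the 25 worst passwords listed earlier on this page.
WORST = {
    "password", "123456", "12345678", "abc123", "qwerty", "monkey", "letmein",
    "dragon", "111111", "baseball", "iloveyou", "trustno1", "1234567",
    "sunshine", "master", "123123", "welcome", "shadow", "ashley", "football",
    "jesus", "michael", "ninja", "mustang", "password1",
}

def contains_palindrome(pw, min_len=4):
    """True if pw contains a palindromic run of at least min_len characters."""
    s = pw.lower()
    # Any longer palindrome has a palindromic core of length min_len or min_len + 1.
    return any(s[i:i + n] == s[i:i + n][::-1]
               for n in (min_len, min_len + 1)
               for i in range(len(s) - n + 1))

def screen_password(pw, username, full_name, min_len=10, max_len=64):
    """Return the violated rules; an empty list means the password is accepted.
    min_len and max_len are assumed thresholds, not values from the page."""
    low = pw.lower()
    failures = []
    if not min_len <= len(pw) <= max_len:
        failures.append("length")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        failures.append("mixed-case")
    if not re.search(r"\d", pw):
        failures.append("digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        failures.append("special")
    # Reject passwords that contain a dictionary entry anywhere, not only exact matches.
    if any(word in low for word in WORST):
        failures.append("dictionary")
    # Exclude the username and each part of the full name (parts under 3 chars ignored).
    identity = [username] + full_name.split()
    if any(len(part) >= 3 and part.lower() in low for part in identity):
        failures.append("identity")
    # Three identical characters in a row, or a sequence of 2+ characters repeated back to back.
    if re.search(r"(.)\1\1", low) or re.search(r"(.{2,})\1", low):
        failures.append("repeat")
    if contains_palindrome(low):
        failures.append("palindrome")
    return failures
```

Returning every violated rule, rather than stopping at the first, lets the change form tell the user everything to fix in one pass.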

Enterprise password management that includes an automated password reset tool can spare your company from exposure to IT cyber security risks and will prevent any of your employees’ passwords from showing up on the next list of world’s worst passwords. To find out more about Avatier’s password reset software solution, view the Password Station Product Introduction. To learn how our customers use Password Station to save money and improve operational efficiency, check out the Gwinnett Medical Center Password Station password reset software testimonial.


Written by Gary Thompson

Gary Thompson is a 35-year veteran of the PR industry. He was the president of Shandwick International, the world’s largest agency with 2000 people in 90 offices and 32 countries. A million mile flyer on both American and United, he got off the road at the “encouragement” of his wife. Four years ago, he founded his own firm, Clarity Communications, which counts Avatier as one of its most successful clients.