What can weak credentials do?

  • Published On: October 07, 2022 Updated On: February 17, 2023

Yes! Hacking people's accounts is illegal. Hackers enjoy playing with weak credentials. A weak password is one that is easy to guess using a subset of all possible passwords in a brute force attack. Examples of weak passwords include words from the dictionary, prefixes, words derived from user names, and popular variations on these themes. It is lamentable that the most popular passwords are still 123456, password, and qwerty in each of the most recent high-profile thefts that have exposed user information.

What are weak passwords?


A weak password is one that is simple for computers and people alike to figure out. To avoid forgetting their passwords, people frequently use simple ones like their children's names or house number. The simpler a password is, though, the quicker it is to figure out.


Uncover problems with a weak password

With a weak password, an attacker may gain access that they would not otherwise have, increasing the number of potential attack vectors. For instance, if you use the same email address and password for both your bank and insurance company websites, a weak password could give an attacker access to your bank accounts.

If you are using the same email and password combination, an attacker using Google's "Forgot my Password" tool might also be able to access your emails or social media accounts (this is where hackers will try different common passwords with varying success rates).

Additionally, a weak password makes it simpler for an attacker to access your network or computer, giving them the opportunity to harm your system by installing malware or accessing other machines connected to your network. This may result in ransomware attacks at home or on the corporate network, which will cost money and frequently lead to data loss and theft with little chance of recovery.

How could weak passwords put your organization at risk?


In August 2020, the Canada Revenue Agency (CRA) was the target of a brute force attack that compromised roughly 11,000 of its accounts as well as those of other government-related services. Attackers specifically targeted the CRA and the Government of Canada Key service (GCKey), organizations that give Canadians access to a variety of government services and programs across the nation.

The impacted accounts were hacked using stolen login information, including usernames and passwords, because of weak credentials. The incident underlined the dangers of using the same password across multiple websites or accounts. You can prevent brute force attacks by creating strong passwords for yourself.

What Is a Password Policy and Why Is It Important?

A password policy is a set of guidelines intended to improve computer security by enforcing the usage of stronger passwords by users. It's frequently covered in security awareness training and is a component of the formal regulations of the organization.

By creating a password policy, you can provide clear guidelines for how users should generate and use passwords on your online application. Although you might not be able to completely regulate users' behavior, you can nevertheless direct them for their own safety.


Benefits to having a well-designed password policy:

  • Prevent Data Breaches.
  • Maintain Order.
  • Build Trust.
  • Cultivate Cybersecurity Culture.
  • Keep your personal info safe.
  • Protect your emails, files, and other content.
  • Prevent someone else from getting into your account.

Guidelines for Strong Passwords


  • At least 12 characters (the more characters, the better).
  • A mixture of both uppercase and lowercase letters.
  • A mixture of letters and numbers.
  • Inclusion of at least one special character, e.g., ! @ # ? ]

Note: do not use < or > in your password, as both can cause problems in Web browsers.
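
The guidelines above, together with the weak-password patterns described at the start of this article, can be enforced as a check when a user sets a password. This is an added example, not code from the original article; the function name check_password, the three-entry deny-list and the sample passwords are assumptions made for illustration.

```python
import string

# Constructed deny-list: the three passwords the article names as most popular.
# A real deployment would load a much larger breached-password list.
COMMON_PASSWORDS = {"123456", "password", "qwerty"}
MIN_LENGTH = 12
FORBIDDEN = set("<>")  # the article's note: avoid < and >


def check_password(password: str, username: str = "") -> list[str]:
    """Return the list of guideline violations; an empty list means it passes."""
    problems = []
    lowered = password.lower()

    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        problems.append("needs both uppercase and lowercase letters")
    if not (any(c.isalpha() for c in password) and any(c.isdigit() for c in password)):
        problems.append("needs both letters and numbers")
    if not any(c in string.punctuation and c not in FORBIDDEN for c in password):
        problems.append("needs at least one special character")
    if FORBIDDEN & set(password):
        problems.append("contains < or >")

    # Popular passwords and popular variations on them: compare the password
    # itself and the same word with trailing digits/punctuation stripped.
    stem = lowered.rstrip(string.digits + string.punctuation)
    if lowered in COMMON_PASSWORDS or stem in COMMON_PASSWORDS:
        problems.append("is a common password or a variation of one")

    # Words derived from the user name (local part of an email address).
    name = username.split("@")[0].lower()
    if len(name) >= 3 and name in lowered:
        problems.append("is derived from the user name")

    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw, user in [("Password2023!", ""), ("Maple-Tractor-71-Window", "jdoe")]:
        print(repr(pw), "->", check_password(pw, user) or "OK")
```

Note that Password2023! satisfies every composition rule in the list and is still rejected, because it is only a variation of a popular password.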


Passwords provide the first line of defense against unauthorized access to your computer and personal information. The stronger your password, the more protected your computer will be from hackers and malicious software. You should maintain strong passwords for all accounts on your computer.