The Tokyo Olympics: A timely reminder about your favourite sport as a password 

Here at Authlogics, we’re extremely privileged to have access to a cache of password-related data. The Password Breach Database is a treasure trove for security analysis, allowing us to use the 1 billion unique clear text passwords to develop trends and patterns found in data breaches that have exposed passwords. Using this, we can make inferences and judgements about the state of password security, based on the associated data. 

Despite the ongoing and widespread ramifications of the Covid-19 Pandemic, the Tokyo Olympics are currently going ahead at full steam. Despite spectators being largely barred from the games, the greatest event in global sport has started, with podium places already secured for Team GB. 

You would, of course, be forgiven for asking what this has to do with passwords? Well, according to our previously mentioned extensive database of passwords, we can show how the sports and teams currently on display in Tokyo are often used by individuals when they are coming up with their passwords. In fact, when considering just 15 of the sports present at the Olympics, there are over one million associated passwords. See below for an example of these instances: 

 

Olympic Sports Number of occurrences 
Baseball 293,318
Soccer  290,501
Basketball  183,870
Tennis  121,707
Softball  90,118
Volleyball  61,283
Swimming  54,466
Wrestling  32,479
Pingpong 21,836
Surfing  21,496
Running  19,301
Gymnastics  17,977
Sailing  17,350
Boxing  16,597
Sprint  12,581
Total 1,254,880

These passwords being used so frequently clearly represents an issue for enterprises. The password as a method of authentication is inherently flawed, and using a password such as this only exacerbates the issue; if an individual is hoping to access a corporate network, the employees of that organisation represent the single easiest method for gaining that access. If they are able to use social engineering tactics – such as surveying an individual’s social media accounts – they will be able to quickly discern the kind of interests and hobbies which some people may use as passwords, potentially giving them an unlocked door to the swathes of information your organisation holds. 

Password reuse represents another issue in conjunction with the epidemic of data breaches we are currently seeing across the globe. A 2019 study from Google found that 13 percent of people reuse the same password across all accounts and a further 52 percent use the same one for multiple (but not all) online accounts. If one of your employees is included in these percentages, then even a breach at a separate account that they hold could lead to the compromise of your corporate data. 

Therefore, if the Olympics has brought your favourite sport top of mind when developing a new password, consider some of our top tips below: 

  • Replace the password with a pattern (Such as our PINgrid product): As opposed to using a word, which is easily recognisable and easily stolen, use a code or pattern formed out of letters or numbers which is unique to you. 
  • Use a variety of different symbols: A combination of letters (some upper case and some lower), numbers, and symbols. This is particularly important if you are insistent on having your favourite football team in your password! 
  • Try your absolute best not to reuse passwords. While this might mean you need to remember more passwords (or use a password manager) it goes a long way to limiting the damage should one of your accounts become breached.

Ultimately, we’d like to see a world without passwords. But until that day comes, following best practices when developing your passwords is half the battle! 

For more information about how we can help to keep your online accounts safe, visit www.authlogics.com