RESEARCH & RESOURCES

Research Finds Holes in Hospitality Industry’s Cybersecurity

“Password” still most popular password used by employees in the industry, survey reveals

Note: TDWI’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

NordPass, a password management provider, released research showing hospitality-industry employees struggle with passwords. Among the 17 researched industries, hospitality industry employees used their company’s name as a password the most often. Instead of coming up with a sophisticated password to safeguard their business accounts, people simply put their company name as their password.

In addition to that, hospitality industry companies rank low at use of unique passwords at only 29 percent. This means that more than two-thirds of employees reuse their passwords across accounts.

“Password reuse is a huge problem that poses a big threat to both consumers and businesses. If one password is compromised, all other accounts are jeopardized too,” said Chad Hammond, security expert at NordPass.

The research also revealed the top 10 most common passwords used by hospitality industry employees. Typing “password” was the most common.

In second place was “123456”; variations of he company name accounted for 7 other top-10 password choices.

The researchers for the NordPass study analyzed data from public third-party breaches that affected <em>Fortune</em> 500 companies. In total, the analyzed data included 15,603,438 breaches and was categorized into 17 different industries. The researchers looked into the top 10 passwords used in each industry, the percentile of unique passwords, and the number of data breaches affecting each industry.

Simple passwords are dangerous to all users, but businesses and their employees need to take extra care when it comes to cybersecurity, according to NordPass, noting that in December 2020, SolarWinds suffered from a big data breach, reportedly due to protecting one of their servers with the password “solarwinds123”.

Consumer-facing breaches can extend beyond personal accounts, potentially exposing the enterprise as well. Data breaches can create a domino effect across multiple organizations through the reuse of credentials across personal and business accounts.

To increase security, NordPass recommends the following:

  • Create complex and unique passwords, update them regularly, and store them in a password manager. Adopting a password manager for companywide use is your best bet to maintain the security of your business accounts. A password management solution provides a secure way to store, share, and manage passwords in a single place.
  • Use multifactor authentication or single sign-on. Companies should use multifactor authentication where possible for an added layer of security. Another recommendation is to leverage single sign-on and password synchronization. With single sign-on, employees are less likely to revert to bad password practices, such as creating common passwords or writing them down.
  • Educate employees on password hygiene and potential risks.
  • Employees should avoid mixing their work and personal accounts. This ensures that their personal identity is protected, and any information related to their employer is safeguarded in the event of a breach.

For details from the survey, visit https://nordpass.com/fortune-500-password-study/.

TDWI Membership

Get immediate access to training discounts, video library, research, and more.

Find the right level of Membership for you.