Choosing a secure password isn't easy.

Having a company policy that involves blacklisted passwords can help keep accounts secure by ensuring that users cant choose passwords commonly found in data breaches. This is a recommended practice not only by the National Cyber Security Centre but by the National Institute of Standards and Technology. The NCSC have collaborated with Troy Hunt (the creator of Have I Been Pwned) to create a list of the top 100,000 most common passwords obtained in data breaches, click below to download the list.

https://www.ncsc.gov.uk/static-assets/documents/PwnedPasswordsTop100k.txt

Why Stop at 100,000?

When choosing passwords there has to be a balance between protecting users from poor password choices without making it too difficult for them to choose one. By blacklisting this list of passwords users won't be too frustrated but will still have a high-quality password.

All these passwords are already in the public domain. By building awareness of how cybercriminals use the passwords obtained by breaches, we can make it harder for these attackers to access your software and reduce the overall risk to your company.

For more advice and guidance on setting up secure passwords get in touch with us today at Click2Talk and take the next step to a secure network.