We live in a day and age when every aspect of life from work, to banking, to your weekly shop can ask you for a password. It can be tiring to constantly think of something consisting of at least eight (or more) characters, with upper and lower case letters, numbers and symbols, that you'll remember, sometimes after months of inactivity, or where you need to change it every few months. Password fatigue can be a real problem and can lead to the situation where you'll settle for something that’s easy to remember, but easy to guess too.
The recent cyber-attack on Parliament will have seen a number staff wish that they'd put a little more effort into their password selection. Through a procedure no more complex than testing for frequently used passwords, hackers were able to access up to 90 staff email accounts, leading to officials disabling remote access to emails by MPs, peers and their staff.
Such means of accessing data is both amongst the most straightforward and the most commonplace. Staff emails are deemed the weak point of many businesses' cyber defences. Indeed of 781 UK businesses who reported a data breach over the last 12 months, 72% of the identified breaches were targeted against employees' emails.
Once a third party has access to your system the impact on an organisation can be devastating and longstanding, damaging profits and confidence in your organisation.
Weak passwords are also inexcusable in the eyes of regulators, so it will be interesting to see what, if any, action is taken against those involved in the Parliamentary breach.