Revealed: the top passwords in the transportation and logistics industry

People working within the transportation and logistics sectors love using the word “password” as their password. Yes, really, we kid you not…

The transportation and logistics sector’s employees use very poor passwords to secure business accounts, reveals new research by NordPass. While cybersecurity experts repeatedly urge businesses to take better care of corporate accounts, passwords such as “password” and “123456” still make it to the top of the transportation and logistics industry’s list.

Below are the eight most used passwords in the transportation and logistics sector:

1. company name*
2. password
3. 123456
4. company’s email domain.com*
5. aaron431
6. company name01*
7. company name123*
8. xxxcompany name*

*These passwords directly reference a company. NordPass is not naming the exact business. It notes the format in which the passwords were used, for example: the abbreviation of the company’s name, part of the name, or the name combined with other words or symbols.

Although NordPass looks at the change in internet users’ password habits year-round, this year the company specifically investigated passwords used by employees of the world’s biggest companies from 31 countries to secure business accounts. The researchers compiled 20 industry-specific password lists.

“On one hand, it is a paradox that the wealthiest companies on the planet with financial resources to invest in cybersecurity fall into the poor password trap. On the other hand, it is only natural, because internet users have deep-rooted unhealthy password habits. This research once again proves that we should all speed up in transitioning to alternative online authentication solutions,” says Jonas Karklys, CEO of NordPass.

“Dummies”, “sexy4sho”, and other questionable passwords

According to the study, the passwords “password” and “123456”, which shared the top two spots in last year’s list of the world’s most common passwords, are also popular among the largest companies’ employees. Across all 20 analysed industries, both of these passwords were found to be among the seven most commonly used passwords. The word “password” was the number two most trending pick among the transportation and logistics sector’s employees and “123456” ranked third.

Some industries were creative. The password “dummies” ranks sixth among consumer goods sector employees, “sexy4sho” is 16^th among real estate employees, and “snowman” is 11^th in the energy field.

Common inspiration for passwords

Just like with regular internet users, dictionary words, names of people and countries, and simple combinations of numbers, letters, and symbols make up most passwords presented in the research.

However, the remaining 32% indicate another interesting trend. Employees love passwords that directly reference or hint at the name of a specific company. The full company name, the company’s email domain, part of the company’s name, an abbreviation of the company name, and the company product or subsidiary name are common sources of inspiration. These passwords comprise over half the transportation and logistics list.

“These types of passwords are both poor and dangerous to use. When breaking into company accounts, hackers try all the password combinations referencing a company because they are aware of how common they are. Employees often avoid creating complicated passwords, especially for shared accounts. Therefore, they end up choosing something as basic as the company’s name,” says Karklys.

Passwords will inevitably die

The study complements a series of password-related research projects NordPass has delivered throughout the years. In 2021, the company looked into the passwords that Fortune 500 companies use and in 2022 it investigated the password habits of top-level business executives. Moreover, NordPass annually presents the Top 200 most common passwords study, which broadly covers the password trends of internet users.

“While password trends slightly vary each year across different audiences, the general take is that people continuously fail with their password management, and the world desperately needs to switch to new online authentication solutions such as passkeys,” says Karklys.

Tips to secure business accounts

According to an IBM report, stolen or compromised credentials remained the most common cause of a data breach in companies in 2022, accounting for 19%. Karklys says that by implementing a few cybersecurity measures, businesses could avoid many cybersecurity incidents.

1. Ensure company passwords are strong. They should consist of random combinations of at least 20 upper- and lower-case letters, numbers, and special characters.
2. Enable multi-factor authentication or single sign-on. While the MFA set up on another device connected with email or SMS codes guarantees an additional layer of security, single sign-on functionality helps reduce the number of passwords people have to manage.
3. Critically evaluate to whom you grant account credentials. Access privileges should be removed from people leaving the company and passed on only to those who need specific access.
4. Deploy a password manager. With a business solution, companies can safely store all their passwords in one place, share them within the organisation, ensure their strength, and effectively manage access privileges.