Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Elitery a Pioneering MSSP Partner for Google Cloud’s “Indo...
Asia Pacific’s Mobile Sector Adds $950 Billion to GDP; On Track ...
PT Kereta Api Indonesia announces nationwide email and communication o...
Will governments assert stronger oversight over tech giants deemed as ...
As cybersecurity threats to critical infrastructure escalate, US Congr...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      The rising threats and business risks of machine identities

      The rising threats and business risks of machine identities

      Tuesday, July 22, 2025, 12:19 PM Asia/Singapore | Features, IoT Security
    • Featured

      The future of AI-powered cybersecurity

      The future of AI-powered cybersecurity

      Monday, July 21, 2025, 4:04 PM Asia/Singapore | Features, Newsletter, Tips
    • Featured

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Thursday, July 10, 2025, 4:16 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

LOGIN REGISTER
  • Features
    • Featured

      The rising threats and business risks of machine identities

      The rising threats and business risks of machine identities

      Tuesday, July 22, 2025, 12:19 PM Asia/Singapore | Features, IoT Security
    • Featured

      The future of AI-powered cybersecurity

      The future of AI-powered cybersecurity

      Monday, July 21, 2025, 4:04 PM Asia/Singapore | Features, Newsletter, Tips
    • Featured

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Thursday, July 10, 2025, 4:16 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning
Tips

Know the four most common password mistakes

By CybersecAsia editors | Tuesday, May 27, 2025, 10:21 AM Asia/Singapore

Know the four most common password mistakes

Weak, short, or predictable passwords are easily cracked; use strong, unique combinations and enable advanced authentication for better protection.

One of the biggest drivers of data breaches so far is the use of weak passwords.

According to an analysis of thousands of real-world entries across multiple leaked datasets, experts from Hostinger have identified the most basic password mistakes, and why users keep making them.

The first mistake is using short passwords, as 21.7% of the passwords analyzed were under eight characters: all of them were cracked instantly with the appropriate tools. While short passwords are quicker to type and easier to remember, they are also the first to fall to brute-force attacks. Solution: Make sure passwords are at least 12 characters long, ideally using a phrase or sentence that is unique and easy to recall.

Other basic password hygiene failures

The second mistake is using passwords that look unique but are simply just made from a mixture of predictable patterns that are easy to break. People choose familiar word-number combinations, thinking these are safer than generic passwords. However, passwords such as “mybluecare69” can still be broken. Solution: Use a mix of uppercase, lowercase, numbers, and special characters, and avoid common/predictable words or patterns, especially those linked to your personal data that cybercriminals can mine from data breaches.

The third password hygiene mistake is using long passwordsthat are nevertheless, weak. Incident data analyzed showed that even though some passwords were over 20 characters long, they had a 13% crack rate, making them nearly as easy to break as much shorter passwords. The reason was that people assume longer passwords are automatically stronger, but using repeated characters lowers security, such as a string of “aaaaaaa” or “123123” with the 20 characters. Solution: Avoid repetition. Variety in structure is just as important as overall length.

Finally, the data showed that a large portion of passwords being used still appear in the top 10m most leaked passwords. In the data analysis, 475 passwords matched high-frequency entries from global breach lists. People may not even be aware that their credentials have been compromised. Or, due to the need to change passwords regularly, they may resume the use of past passwords that had been deemed safe. Solution: use websites such as “Have I Been Pwned” to regularly check credentials, and avoid reusing any password that appears on a known breach list.

Beyond basic password hygiene

Other than the basic password hygiene fails uncovered by Hostinger, users need to keep apprised of the latest online identity authentication methods available, and use them for added protection. These include:

  1. Choosing passwordless and biometric login methods
  2. Use passphrases and passkeys where possible
  3. Leveraging an established password manager with an unbroken security record
  4. Enabling strong second-factor/multi-factor authentication such as app-based or hardware-based authentication, avoiding SMS-based authentication, which is vulnerable to social engineering
  5. Regularly reviewing privacy settings and keeping updated on any new identity authentication or protection features available on every platform being used

Share:

PreviousHow to outsmart filename masquerading: A practical guide to safer file handling
NextWhen ransomware attack rates drop, do not let down your guard

Related Posts

Five AI trends to watch in 2025

Five AI trends to watch in 2025

Wednesday, December 18, 2024

Five tips for keeping your revenge-travel adventures cyber exclusive

Five tips for keeping your revenge-travel adventures cyber exclusive

Monday, July 10, 2023

Delayed National Cybersecurity Strategy puts Bhutan at risk

Delayed National Cybersecurity Strategy puts Bhutan at risk

Friday, June 18, 2021

Treasuring customer data privacy in South-east Asia despite weak regulations

Treasuring customer data privacy in South-east Asia despite weak regulations

Friday, April 28, 2023

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more
  • Thai government expands secure email management to close cybersecurity gaps

    Thai government expands secure email management to close cybersecurity gaps

    New measures address cybersecurity gaps in public sector communications, deploying advanced protections and operational support …Read more
  • How Iress optimized global DevSecOps

    How Iress optimized global DevSecOps

    Scaling compliance, security & efficiency – while seamlessly migrating to the cloud – with JFrog.Read more
  • St Luke’s ElderCare enhances operations and capabilities through a centralized secure, scalable network

    St Luke’s ElderCare enhances operations and capabilities through a centralized secure, scalable network

    With only a small IT team, the digital transformation has united operations across 30 locations, …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.