https://www.dailymail.co.uk/sciencetech/article-10209349/Passwords-123456-password-popular.html
Will we EVER learn? '123456' and 'password' are still among the
most popular passwords in the world – while many users continue
to use their own name, report reveals
The annual NordPass Most Common Passwords report revealed common
trends. It found that people are still using very simple and easy
to guess passwords including '123456', 'password' and 'qwerty'
which can be cracked in a second. There were local and gender
differences including sports teams as passwords.
. . . .
SysAdmin ??? Well THIS is what you're up against - and
it's NOT going to change.
Users would rather live with unknown risks than suffer
with passwords and other procedures that are impossible
to remember or a pain to cope with. They WILL find a
way around difficult edicts - or they'll quit and take
all their job experience with them.
But, when it goes bad, the SysAdmins get the blame.
Look, cybercommerce/cyberbanking SOUNDED great. But
people are NOT going to cope with "dffNs%h##fj3d7xuz"
passwords plus text-messages on smartphones they may
not even own plus biometrics that won't recognize
you if you grew a beard or cut your thumb or dropped
20 pounds plus inscruitable captchas. And WHY don't
you know the name of your maiden aunts 3rd cousin's
favorite pet gerbil ???!!!
Nobody is going to put up with such shit.
Sorry, but "convenient" was one of the main drives
behind online commerce/banking. Now they feel they
have to make it as INconvenient as possible just to
stay half a step ahead of cyberCRIME. This is NOT
working out.
I'll tell you the solution ... and you won't like it ...
physically go TO your bank and do business with bits
of PAPER in front of people there who KNOW your face.
SHOP online, but print the order form, fill it out
in ink, and physically MAIL it to the seller. Might
not hurt to include a PAPER *CHECK* inside to cover
the purchase - again something tangible, something
they'll at least have to scan. Use a Sharpie pen
to write the check too - something that can't be
washed out.
Oh, and you can go to physical STORES ... they have
all kinds of interesting things on big rows of
shelves ... and there's a thing called "cash" you
can use to buy those fascinating items.
This 1950-ish approach WILL thwart crime. Because
of human nature, NOTHING will thwart it using
todays methods. 'Convenient' for you ? PARADISE
for the cybercriminals and cyberterrorists.
This is the horrible bitter Truth, and you KNOW it.
SysAdmin ? Contract ? Slip "NOT responsible for events
resulting from users employing poor passwords/technique"
in there. If they won't accept that - QUIT - you'll be
saving yourself endless trouble. Put them on the blacklist
at all the job-search sites.