Study Exposes Real Estate Industry’s Most Common Passwords

Passwords used by people in the real estate sector are not very secure, according to a recent study by NordPass. Cybersecurity experts consistently recommend stronger passwords to ensure corporate accounts, yet those in real estate continue to use passwords that directly reference their company.

The 10 most used passwords in the real estate sector:

• Part of the company’s name*
• Company’s email domain.com*
• Part of the company’s name1*
• Password
• Indiana1
• Aaron431
• 123456
• Company name*
• Company’s email domain.com*
• Default

“On one hand, it is a paradox that the wealthiest companies on the planet with financial resources to invest in cybersecurity fall into the poor password trap. On the other hand, it is only natural because internet users have deep-rooted unhealthy password habits. This research once again proves that we should all speed up in transitioning to alternative online authentication solutions,” says Jonas Karklys, CEO of NordPass.

“Password” and “123456,” which shared the top two spots in last year’s list of the world’s most common passwords, are also popular among the largest companies’ employees. Both of these passwords were found to be among the seven most commonly used passwords, across all 20 analyzed industries. The word “password” was the number 4 most trending pick among the real estate sector’s employees and “123456” ranked 7th.

Interestingly, people working for corporations in the real estate industry often picked “fashion” and “sexy4sho” for their passwords.

Tips to secure business accounts

According to an IBM report, in 2022, stolen or compromised credentials remained the most common cause of a data breach in companies, accounting for 19%. Karklys says that by implementing a few cybersecurity measures, businesses could avoid many cybersecurity incidents.

• Ensure company passwords are strong. They should consist of random combinations of at least 20 upper- and lower-case letters, numbers, and special characters.
• Enable multi-factor authentication or single sign-on. While the MFA set up on another device, connected with email or SMS codes guarantees an additional layer of security, single sign-on functionality helps reduce the number of passwords people have to manage.
• Critically evaluate whom to grant account credentials. Access privileges should be removed from people leaving the company and passed on only to those who are in need of certain access.
• Deploy a password manager. With a business solution, companies can safely store all their passwords in one place, share them within the organization, ensure their strength, and effectively manage access privileges.

*This password is directly referencing a company. NordPass is not naming the exact business. It notes the format in which this password was used, for example, the abbreviation of the company’s name, part of the name or the name combined with other words or symbols.