Research reveals holes in hospitality industry’s cybersecurity

Hospitality industry employees struggle with passwords, NordPass’ new research reveals. Among the 17 researched industries, hospitality industry employees used their company’s name as a password the most often. Instead of coming up with a sophisticated password to safeguard their business accounts, people simply put their company name as their password.

In addition to that, only 29% of hospitality industry companies’ employees have unique passwords. This means that more than two-thirds of employees reuse their passwords across accounts.

“Password reuse is a huge problem that poses a big threat to both consumers and businesses. If one password is compromised, all other accounts are jeopardized too,” said Chad Hammond, security expert, NordPass.

The research also revealed the top 10 most common passwords used by hospitality industry employees. Shockingly, the most common one is “password”.

Here are the top 10 passwords in the hospitality industry:

  • password
  • 123456
  • Company name123*
  • Company name*
  • Company name*
  • Hello123
  • Company name 1*
  • Company name*
  • company name*
  • company name1*

* This password is a company’s name or a variation of it (e.g. Company name2002). The name of the companies were not released.

The researchers analyzed data from public third-party breaches that affected Fortune 500 companies. In total, the analyzed data included 15,603,438 breaches and was categorized into 17 different industries. The researchers looked into the top 10 passwords used in each industry, the percentile of unique passwords and the number of data breaches affecting each industry.

With rising domestic and international travel, the hospitality industry must once again pay closer attention to cybersecurity.

Simple passwords are very dangerous to all users, but businesses and their employees need to take extra care when it comes to cybersecurity. For example, back in February, a water treatment facility in Florida had a serious computer breach. The company used an unsupported version of Windows with no firewall and shared the same TeamViewer password among its employees.

Nord Pass offered some insights on proper password usage:

1. Create complex and unique passwords, update them regularly and store them in a password manager: Adopting a password manager for company-wide use is your best bet to maintain the security of your business accounts. A password management solution provides a secure way to store, share and manage passwords in a single place.

2. Use multi-factor authentication or single sign-on:  Companies should use multi-factor authentication where possible for an added layer of security. Another great idea is to leverage single sign-on and password synchronization. With single sign-on, employees are less likely to revert to bad password practices, such as creating common passwords or writing them down.

3. Educate your employees on password hygiene and potential risks: It’s important to note that employees should avoid mixing their work and personal accounts. This ensures that your personal identity is not only protected, but also any information related to your employer is safeguarded in the event of a breach.

Consumer-facing breaches can extend beyond personal accounts, potentially exposing the enterprise as well. Data breaches like this can create a domino effect across multiple organizations through the reuse of credentials across personal and business accounts.