2022-05-19, 10:00–10:30, Ville-Marie
There are many ways to attack organizations, and credential stuffing is one of these. Depending on the strength of users’ passwords, crackers can decrypt passwords in a matter of seconds, hours or they may never succeed. Even if there was a significant advancement in attackers' abilities to perform password cracking, passwords remain the dominant authentication method not replaced but merely augmented by multi-factor authentication (MFA). The knowledge about passwords’ use must be deepened in order to respond to the protection needs of cybersecurity clients and adapting to specific aspect of their reality. Adopting a macrosocial approach, the present study explores different factors influencing passwords’ quality. We combined NorthPass’s list of the 200 most common passwords in 49 different countries to several other databases of country’s social and economic indicators like GDP, mean education level, amount of data breaches experienced in the country, etc.
The results reveal that a higher literacy level is associated with higher passwords’ quality. Also, the number of Internet users is inversely associated with password quality which indicates that living in a highly connected country is not a factor that increase information’s protection. The study participates in the understanding of macrosocial protection’s factors in order to adapt password lists.
Andréanne Bergeron is a cybersecurity researcher at GoSecure. She is also a Ph.D. candidate at the School of Criminology of the Université de Montréal and recipient of the prestigious Vanier scholarship. She also specialized in other types of cybercrime as she worked as the coordinator of the Darkweb and Anonymity Research Center.