The Password is …

Phishing and malware aren't the only ways credentials are obtained, however. Employees frequently share their passwords with unauthorized individuals, and weak passwords that are easily cracked or guessed are still commonly used. In spite of the emphasis placed on using strong passwords, it's estimated that over 30 percent of all passwords are very weak and easily compromised. Even stronger passwords don't necessarily equate to a safe harbor. Numerous reports released this past year have shown that most strong passwords can also be cracked by skilled cybercriminals. Research from Deloitte revealed that with the right tools and access, 90 percent of user-generated passwords can be discovered or cracked in a matter of seconds, including passwords once thought to be strong — e.g., those with at least eight characters, using both upper and lower case letters, containing at least one symbol and having at least one number.