Skip to main content
We’re here with practical legal information for your business. Learn about employment law, company law and more.

Search

  1. News
  2. Small business news

Starting up

Setting up a business involves complying with a range of legal requirements. Find out which ones apply to you and your new enterprise.

Sector specific law

What particular regulations do specific types of business (such as a hotel, or a printer, or a taxi firm) need to follow? We explain some of the key legal issues to consider for 200 types of business.

Business ownership and management

While poor governance can bring serious legal consequences, the law can also protect business owners and managers and help to prevent conflict.

Finance and business strategy

Whether you want to raise finance, join forces with someone else, buy or sell a business, it pays to be aware of the legal implications.

Employment law

From pay, hours and time off to discipline, grievance and hiring and firing employees, find out about your legal responsibilities as an employer.

Marketing and selling

Marketing matters. Marketing drives sales for businesses of all sizes by ensuring that customers think of their brand when they want to buy.

Contracts, disputes

Commercial disputes can prove time-consuming, stressful and expensive, but having robust legal agreements can help to prevent them from occurring.

Commercial premises law

Whether your business owns or rents premises, your legal liabilities can be substantial. Commercial property law is complex, but you can avoid common pitfalls.

Health and safety

With information and sound advice, living up to your legal responsibilities to safeguard your employees, customers and visitors need not be difficult or costly.

Data protection and IT

As information technology continues to evolve, legislation must also change. It affects everything from data protection and online selling to internet policies for employees.

Intellectual property

Intellectual property (IP) isn't solely relevant to larger businesses or those involved in developing innovative new products: all products have IP.

Exit strategies

Knowing how and when you plan to sell or relinquish control of your business can help you to make better decisions and achieve the best possible outcome.

Personal law

From bereavement, wills, inheritance, separation and divorce to selling a house, personal injury and traffic offences, learn more about your personal legal rights.

Research shows weak passwords plague businesses of all sizes

3 September 2025
Submitted by Anonymous (not verified) on Wed, 09/03/2025 - 12:45

New study reveals poor password hygiene across small, medium, and large companies - putting sensitive data at risk.

When it comes to cybersecurity, size doesn’t always mean strength. NordPass, together with cybersecurity experts from NordStellar, has analysed thousands of credentials used across various industries and found one common thread in their newest research: weak passwords are everywhere, from local shops to global corporations.

"These are the organisations handling customer data, financial transactions, and sensitive intellectual property. Yet even at the enterprise level, we still see weak and reused credentials - and that’s an open invitation to attackers," says Karolis Arbaciauskas, head of product at NordPass.

The top 20 not-so-secret enterprise passwords

The research highlights how small businesses, mid-sized firms, and enterprises are using login details that would make any attacker’s job easy. Among the worst offenders are familiar classics like “123456”, “password”, and “11111111”, as well as company-related phrases and predictable number patterns.

Small businesses showed particularly casual habits, with passwords such as: 123456, ABCDEF, seila98, rally95fo, prestashop_demo, user@123, studlgu$$, Abcd1234, regalo111, and many more predictable passwords.

Enterprises, despite greater resources and higher stakes, were far from immune. Here are the top 20 not-so-secret passwords:

  1. 123456789
  2. 123456
  3. 12345678
  4. 11111111
  5. 123123
  6. 00000000
  7. password
  8. a123456
  9. 12345
  10. 1234567890
  11. a123456789
  12. 88888888
  13. qq123456
  14. 123321
  15. 000000
  16. 987654321
  17. woaini1314
  18. FQRG7CS493
  19. 123456789a
  20. P@ssw0rd

Why it matters

Weak or reused passwords remain a primary cause of breaches, phishing success, and credential-stuffing attacks. For small businesses, it could mean operational downtime or reputation loss; for enterprises, the stakes include regulatory fines, supply chain exposure, and significant financial damage.

The fix is simple, but often overlooked:

  • Ban default and predictable passwords. Companies need to enforce strong password policies, requiring complexity and regular updates to keep accounts secure.
  • Train staff regularly on cybersecurity basics. Employees remain the biggest entry point for attackers. Regular workshops and reminders about phishing, password hygiene, and safe sharing practices can drastically reduce risks.
  • Use a business-grade password manager. Password managers allow companies to securely store, share, and generate strong credentials. They also help avoid risky habits like writing down passwords or reusing them across multiple platforms.
  • Move toward passkeys and multi-factor authentication. MFA adds an extra layer of protection by requiring additional verification, while passkeys are an even stronger, passwordless option that’s gaining traction in enterprise security.

"Whether you’re a two-person start up or a multinational, your cybersecurity is only as strong as your weakest password," Arbaciauskas adds. "It’s time to treat credentials with the same care as your most valuable assets."

Story issued by Gabriele Gecaite, Nordpass Public Relations.

News type: 
Small business news

Stay up-to-date with business advice and news

Sign up to this lively and colourful newsletter for new and more established small businesses.

Contact us

Make an enquiry