Real Estate Pros’ Most Common Passwords May Be Dangerous

If you see your password on this list, change it now.
Password on sticky note with lock

© Media Trading Ltd - iStock/Getty Images Plus

A strong password is the backbone to data security. Yet a new study finds that real estate professionals are relying on common, easy-to-guess passwords, phrases and formats that could put their information and that of their clients at greater risk.

Recent research from password management firm NordPass reveals the most common passwords used among workers in 20 industries, including real estate. The study found that real estate pros most often incorporate their full company name, the company’s email domain or part of the company’s name into their passwords.

“These types of passwords are both poor and dangerous to use,” says NordPass CEO Jonas Karklys. “When breaking into company accounts, hackers try all the password combinations referencing a company because they are aware of how common they are. Employees often avoid creating complicated passwords, especially for shared accounts. Therefore, they end up choosing something as basic as the company’s name.”

The NordPass study also found that workers in the real estate sector rely on common passwords like “password,” “123456” and “default.” The study found the following passwords are most commonly used in real estate:

  • Part of the company’s name
  • Company’s email domain
  • Part of the company’s name + “1”
  • Password
  • Indiana1
  • Aaron431
  • 123456
  • Company name
  • default

Though not in the top 10, the study also found that real estate pros often picked the words “fashion” and “sexy4sho” for their passwords.

What Makes a Strong Password?

NordPass says companies need to strengthen their passwords to avoid risk. Passwords should consist of random combinations of at least 20 upper- and lower-case letters, numbers and special characters. Also, researchers urge users to enable multifactor authentication for their accounts, which, besides a password login, also sends an SMS or email code to verify security. Password managers can be used to store all passwords in one place.

Inevitably, many tech experts believe, passwords will ultimately fade away since they have become so vulnerable to cybersecurity breaches. For example, businesses like Google, Microsoft, Apple and PayPal have adopted passkey technology, offering a login without the use of a password. Authentication instead relies on biometrics—such as a fingerprint or facial recognition—or a PIN code. Karklys believes other online companies will follow suit. “The world desperately needs to switch to new online authentication solutions,” Karklys says.

Until then, real estate pros must make extra efforts to keep data secure. Watch the “Window to the Law” video from the National Association of REALTORS® below for more tips on minimizing the risk of a potential data security breach.