Account and Password Security Assessments

Account and Password Security Assessments

A quick search of Google and you will discover that the most common passwords remain pretty much the same year after year.

2019 2018 2017
123456 123456 123456
123456789 password Password
qwerty 123456789 12345678
password 12345678 qwerty
111111 12345 12345
12345678 111111 123456789
abc123 1234567 letmein
1234567 sunshine 1234567
password1 qwerty football
12345 iloveyou iloveyou

Conducting periodic account and password assessments can help to find and correct these weaknesses before a hacker does. This testing involves obtaining the account database and using password cracking and analysis tools to report on what is in place and what actions can be taken (technical, process, and training) to help mitigate the risks identified.

Network accounts and their associated passwords are oftentimes the weakest security link in healthcare organizations. Organizations maintain many accounts, and these accounts may have weaknesses such as generic or default accounts with default or easily guessable passwords. A simple weakness of having a generic account with an easily guessable password can lead to a full compromise of the network.

The engagement team will assess your systems to identify generic and default accounts and easily guessable passwords. The engagement team will also help you build a compromised password list you can use to force employees to use strong passwords.


  • Ranked #1 Best in KLAS for Cybersecurity Advisory Services in 2019 and 2020
  • HIPAA expert witness firm for OCR
  • Experienced CISOs and Privacy Officers
  • Dedicated to healthcare
  • Hundreds of clients coast to coast
  • Advisors to ONC / HHS