A new study by NordPass, in collaboration with NordStellar, reveals many hospitality businesses are using extremely weak passwords to protect their digital systems.

The research shows an industry-wide propensity to using passwords that are predictable, outdated or brand-specific.

Passwords such as “Reservations2022”, “Comfortinn4”, “Ramada@123” and even “123456” are commonly used, making it alarmingly easy for cybercriminals to access sensitive information.

“When weak passwords are used to protect booking systems, POS terminals or staff accounts, it’s an open invitation to cybercriminals,” warns Karolis Arbaciauskas, head of product and business development at NordPass.

Despite intensifying cyber risks, many hospitality businesses lack awareness of what it takes to secure client data.

NordPass, a password manager developed by the team behind NordVPN, is urging the hospitality sector to act and enhance its cybersecurity.

Steps business should take include providing regular employee training on cybersecurity; avoiding company names, dates or role-specific terms in passwords; enabling multi-factor authentication to help protect accounts, even if a password is compromised; and adopting secure password managers for teams to simplify the creation and storage of strong passwords.