TELUS brings back Buy One, Give One offer

Posted in Commentary with tags on November 18, 2025 by itnerd

There’s a uniquely Canadian, purpose-driven campaign from TELUS that’s giving a new meaning to the traditional concept of BOGO. This Black Friday weekend (Nov 28-30), for every new or certified pre-owned phone purchased, TELUS will give a free phone and plan to a Canadian youth transitioning out of government care through its Mobility for Good program

Now in its 5th year, TELUS’ Buy One, Give One initiative empowers Canadians to shop with purpose –  knowing their purchase is helping bridge digital divides and keep vulnerable youth connected. The offer is available online, by phone, and at select stores. Since its launch in 2017, the Mobility for Good program has provided support for over 69,000 people. 

Together, these initiatives reflect TELUS’ ongoing commitment to giving back and making a positive impact on customers and communities across Canada.

Leave a comment »

OpenText Unveils Next-Generation AI Data Platform for Secure Information Management

Posted in Commentary with tags on November 18, 2025 by itnerd

OpenText today announced its vision for the future of enterprise AI with the introduction of the OpenText AI Data Platform (AIDP). OpenText AI Data Platform addresses the convergence of data and AI to deliver secure and scalable enterprise capabilities.

As volumes of proprietary data grow exponentially, organizations face mounting pressure to manage, secure, and activate their private information. Moreover, according to McKinsey’s annual State of AI study, 51% of organizations using AI have experienced at least one negative consequence and inaccuracy, underscoring the need for information governance. OpenText’s innovation roadmap focuses on helping customers establish contextual data foundations to fuel accurate AI results to accelerate business outcomes.

A Vision for Contextual AI

OpenText’s AI strategy is built on nearly 35 years of being the custodians of data for its customers. Practical enterprise AI requires agents to understand the specific situation, environment, and task it operates within to be effective. With the right context, OpenText can bring new life to old data, while solving relevancy and avoiding false confidence.

OpenText business applications assist enterprises in managing their largest data sets today including documents, commerce trades, IT tickets, and security signals. This can be human generated content, machine generated content, or content between organizations. OpenText ensures that information has metadata tags to provide data lineage, data rights, and data retention policies. With data security and identity access management wrapped around it, these contextual elements are critical to driving accuracy with any enterprise AI model.

OpenText Aviator then sits on top of this contextually rich data to enable automated workflows with agentic AI. OpenText’s Aviator is unique because it adheres to three core standards:

  • Multi-cloud: Supports on-premises, cloud, and hybrid deployments
  • Multi-model: Compatible with any AI model (LLM, SLM), including bring-your-own-model
  • Multi-application: Deep integration with ERP, CRM, and other enterprise platforms

This open architecture ensures that organizations can tailor their AI strategies to their specific business, industry, and compliance needs. Furthermore, OpenText is working across the ecosystem with alliance partners like SAP, Microsoft, Google, Salesforce, Oracle, and more on deep integrations to drive an agent-to-agent roadmap.

Today, OpenText also announced it will be expanding its partnership with Databricks, the Data and AI company. OpenText already builds solutions on the Databricks Data Intelligence Platform with OpenText Threat Detection and Response. Now OpenText and Databricks will be working to co-innovate on the OpenText AI Data Platform through technical integrations and Delta Sharing. Together, customers can seamlessly unify, govern, and analyze all their enterprise data, empowering them to unlock trusted AI insights and drive innovation at scale.

Showcasing Innovation at OpenText World 2025

At its annual flagship event, OpenText World 2025, the company also introduced several groundbreaking innovations and outlined its 18-month roadmap (releases OT 26.1 – OT 27.2) that redefine how enterprises will interact with data and AI:

  • OpenText AI Data Platform (AIDP) – An open, unified data and AI framework with a governance orchestration layer that enables AI agents (Aviators) to help customers unlock new value.
  • OpenText Aviator Studio – A no-code platform to build, govern, and connect enterprise AI agents to empower organizations to realize ROI from AI faster.
  • OpenText Knowledge Discovery – A set of tools to ingest structured and unstructured data, automate meta-data tagging, and connect to rich data sources in real-time.
  • OpenText Data Compliance – A suite of services including AI readiness assessments, data redaction and PII controls, data tokenization, data encryption and privacy protection, and threat detection and response.
  • OpenText Aviator AI Services – A team of OpenText Professional Services experts to help customers on the journey from discovery to deployment to adoption of purpose-built agents to realize business value.

Get Started

Organizations can take advantage of OpenText Aviator today for practical use cases from fraud detection to claims management to predictive maintenance. Learn more here.  

OpenText Aviator entry tier package will be included with an upgrade to OT 26.1 of Content ManagementService Management, and Communications Management at no additional fee.

OpenText Aviator will also be available on-premises starting OT 26.1 for Content ManagementCommunications ManagementService ManagementDevOps Management, and Application Security.

Lastly, OpenText continues to partner with customers to navigate through complex requirements for sovereignty data and AI. Learn more here.

Leave a comment »

Cloudflare Goes Down And Takes A Lot Of The Internet With It

Posted in Commentary with tags on November 18, 2025 by itnerd

If you were trying to get to Twitter, ChatGPT, Salesforce, or any number of other sites and you were having issues, it wasn’t you. Cloudflare, who are a content delivery network that also provides network and security products to companies took a dive. If you have a look at their status page, they acknowledge that they had an issue, but it is in the process of being resolved. But as I type this, there are still scattered reports of issues. Chances are, these issues will likely go away as the day goes on.

The folks at Cisco ThousandEyes have an outage map. I also got this statement from them regarding what they observed:

On November 18, 2025, at approximately 11:30 UTC, Cisco ThousandEyes began observing a global outage affecting cloud and CDN provider Cloudflare, impacting multiple Internet services including X, OpenAI, and Anthropic. While network paths to Cloudflare’s front-end infrastructure appeared clear of any elevated latency or packet loss, Cisco ThousandEyes observed a number of timeouts and HTTP 5XX server errors, which is indicative of a backend services issue. While Cloudflare has confirmed they are implementing remediation, the outage is still ongoing. Sample service impacted by the outage: https://cs.co/604475xqg

Thus for those who were hoping for a digital snow day, sorry.

Leave a comment »

2026 Predictions From Kognitos

Posted in Commentary with tags on November 18, 2025 by itnerd

Binny Gill, CEO and Founder of Kognitos, and Neeraj Mathur, Vice President of AI Solutions Engineering at Kognitosoffer their perspective on how in 2026, software and work alike will shift toward experience-driven models where AI handles the repetitive tasks and flexible automation frees people and businesses to focus on higher-value creativity and impact.

Binny Gill, CEO and Founder, Kognitos

“The software industry will start to look a lot like the restaurant business. You can cook a meal at home if you want, or you can go out to eat. Building software in-house is like cooking; buying software is like dining out. Both will exist. Some companies will cook more, some will buy more, but the question isn’t about features anymore. It’s about experience. A restaurant isn’t popular because it has the most dishes; it’s popular because people love the experience. That’s how software will evolve. It won’t be about build versus buy, it’ll be about the kind of experience the customer wants to have.”

Neeraj Mathur, Vice President of AI Solutions Engineering at Kognitos

“AI will not replace people, but it will absolutely replace the parts of work that keep people from thinking. The goal should never be to remove humans from the process. It should be to remove the repetitive, time-consuming steps that add no real value. When employees see that AI can take care of the small tasks, they start to use their creativity and judgment more. That is when real transformation begins. The future of work is not machines running everything; it is humans using AI as a partner to think and move faster.”

Leave a comment »

Secure.com Launches Digital Security Teammate to Bridge 4.8M Talent Gap as Global Cybercrime Soars to $10.5 Trillion

Posted in Commentary with tags on November 18, 2025 by itnerd

 Secure.com today announced the launch of Digital Security Teammate (DST), a new category of AI-native agents built to help security teams survive the largest operational crisis the industry has ever faced. According to Cybersecurity Ventures, cybercrime damages have reached $10.5 trillion globally, the talent gap has widened to 4.8 million unfilled roles, and security teams continue to drown in 1000s of alerts a day from tools they cannot staff or manage.

The company also announced that it has secured its first investment from Disrupt.com, the leading venture builder out of MENA behind notable global startups, including the $350M bootstrapped exit of Cloudways to DigitalOcean. The $4.5M backing signals a broader regional push to accelerate AI-native security innovation.

A Crisis Too Large for Human Teams Alone

As revealed in IBM’s Cost of a Data Breach Report 2025, breaches in the United States now hit an all-time high of $10.22 million, and breaches in the Middle East average $7.29 million, yet only 49% of breached companies plan to increase security spending. Leaders face five-month hiring cycles, analyst salaries above $300,000 per year, and rising failure rates across traditional operations.

The pressure on cybersecurity teams has reached a breaking point. A survey from Object First shows that 84% of security professionals report being uncomfortably stressed, and nearly 60% are considering leaving the profession. Turnover, burnout, and talent drain are eroding security from the inside as threats accelerate.

Only AI-powered defense can keep up with AI-powered attacks, yet most mid-sized, cloud-first organizations are still operating with pre-AI tooling and lean teams. Growing compliance and reporting requirements further demand faster response, higher accuracy, and continuous auditability.

Together, these forces are creating a crisis too large for human teams to shoulder alone.

Introducing Digital Security Teammates

DSTs are always on AI-native agents that work inside a company’s existing security stack. They investigate alerts, triage incidents, perform compliance tasks, and escalate only when needed, simplifying, not replacing, the tools teams already have. Unlike MDR, SOAR, or single-vendor co-pilots, DSTs deploy in minutes, work across the entire stack, and deliver value within the first 30 minutes.

Core capabilities include:

  • Unified Intelligence: DSTs consolidate insights across existing tools
  • 60% Noise Reduction: Contextual analysis eliminates noise
  • Natural Language Interface: Security teams interact with DSTs conversationally, no new training required
  • Transparent Operations: Every action is explained and auditable, building trust with human teams
  • Regulatory Alignment: Built-in compliance for SOC2, ISO 27001, NCA ECC, SAMA, and regional frameworks
  • Detailed Asset Insight with discovery, classification, and full context, powered by a knowledge graph
  • Integration with 200+ existing security platforms, including IBM QRadar, CISCO, Sentinel One, Splunk, CrowdStrike, Palo Alto Networks, and others, such as AWS, GCP & Azure Native cloud services

Unlike conventional tools, DSTs are designed with a user-first experience, giving lean teams clarity instead of complexity.

DSTs absorb the high-volume, high-fatigue tasks that burn out L1 and L2 analysts, from triage to compliance prep, freeing teams to focus on high-impact security work. By eliminating alert noise and manual triage, they prevent operational pressure from escalating to CISOs. The result: teams regain clarity, reclaim hours, and redirect their attention to full-context investigations with real impact and strategic improvements.

Real Results From Early Deployments

Early rollouts across finance, healthcare, and technology companies, especially among mid-market, cloud-first organizations with lean security teams, have shown transformative outcomes:

  • 70% faster detection MTTD (Mean Time To Detection) and 50% faster resolution MTTR (Mean Time To Resolution)
  • 75% faster alert triage and prioritization
  • 2,000+ analyst hours saved annually per Digital Teammate, plus nearly 200 hours saved per analyst each month, reducing asset-related workload by 62%
  • 60% reduction in alert fatigue

Early deployments include partners such as BayzatBlackpanda, and INIT Global. Beyond these, Secure.com is collaborating with over a dozen design partners across tech, fintech, XDR, MSP, and MSSP ecosystems, giving the platform deep, real-world coverage and accelerating rollout across the GCC, APAC, and the US.

A Milestone for the Middle East’s AI Ambitions

The launch strengthens the Middle East’s growing role in global AI innovation. With sustained investment in automation, resilience, and an AI-ready workforce, the region is rapidly emerging as a leader in next-generation technologies. Secure.com joins a rising cohort of companies building mission-critical AI solutions in the region and deploying them worldwide.

Enterprise Security for Everyone

Secure.com is now available to organizations, from growing businesses to global enterprises. DSTs begin mapping environments and building context within the first 30 minutes. Pricing begins at $2,500/month, giving companies enterprise-grade protection at a fraction of a human analyst’s cost.

Leave a comment »

Peer Software Expands Data Orchestration and Analytics Platform with Major Updates to PeerGFS and PeerIQ

Posted in Commentary with tags on November 18, 2025 by itnerd

Peer Software today announced significant advancements across its enterprise data orchestration and analytics platform with new releases of Peer Global File Service (PeerGFS) and PeerIQ. Together, these updates deliver expanded storage platform support, improved resiliency and performance, enhanced security and compliance, and powerful analytics for hybrid and multi-cloud enterprises.

PeerGFS: Simplifying Multi-Cloud File Management and Replication

The new version of PeerGFS introduces major updates to simplify file management and replication across multi-site, multi-platform, and hybrid multi-cloud environments. Key enhancements include:

  • Expanded Dell Ecosystem Integration – Building on its proven support for Dell PowerScale, PeerGFS now extends integration to Dell PowerStore and enhances support for Dell Unity. This expansion enables replication and synchronization of SMB, NFS, and multi-protocol workloads.
     
  • Enterprise Resiliency and Performance – Features such as large file transfer resume, significantly faster rescans, DFS Namespace integration for multi-protocol jobs, and streamlined NFS failover automation boost reliability and uptime.
     

PeerGFS continues to empower organizations to keep data highly available and consistent across complex environments—from edge to data center to cloud—enabling Active-Active synchronization, maintaining version integrity for collaborative file sharing, and replicating massive volumes of unstructured data with confidence.

PeerIQ: Multi-Platform Storage Analytics and Monitoring

The latest release of PeerIQ, Peer Software’s multi-platform storage analytics and monitoring solution, now delivers machine learning–based anomaly detection and expanded scalability for large-scale hybrid environments.

New capabilities include:

  • Machine Learning–Based Anomaly Detection – Identifies abnormal user or client IP behavior, with continuous analysis and algorithm retraining to refine accuracy.
     
  • Comprehensive Event Logging – Provides detailed, real-time event capture for file event monitoring and auditing across the enterprise.

These innovations give IT and security teams a powerful toolkit for proactive monitoring, compliance reporting, and faster issue resolution—helping them spot and address potential problems before they impact operations.

Leave a comment »

EnGenius Debuts ECC500 AI Camera at ISC East 

Posted in Commentary with tags on November 18, 2025 by itnerd

EnGenius Technologies, a global leader in AI-ready networking and smart surveillance solutions, is proud to announce the official launch of the ECC500, the latest breakthrough in its expanding EnGenius AI Surveillance lineup. The company will showcase the ECC500 with live, hands-on demonstrations throughout ISC East 2025, taking place November 18–20 at the Javits Center, 429 11th Ave, New York, NY 10001.

The new ECC500 AI camera brings cutting-edge intelligence to the edge, delivering advanced object detection, real-time classification, smarter alerts, and enhanced situational awareness for today’s most demanding environments—including hospitality, MDU, commercial buildings, retail, and education. By processing AI events directly on-device, the ECC500 dramatically reduces false positives and speeds up response times, giving organizations faster insights with greater accuracy.

At the EnGenius booth number 206, attendees will experience live AI demonstrations, including event detection, smart search, object tracking, and seamless integration with the EnGenius Cloud surveillance interface. These demos highlight how the ECC500 simplifies operations, accelerates investigations, and strengthens overall security strategies—without the complexity or high costs associated with traditional enterprise systems.

EnGenius invites all ISC East attendees to visit Booth #206 at the Javits Center to explore the ECC500, see live AI demos, and learn how the EnGenius AI Surveillance solution delivers smarter, more scalable protection.

For more information, visit https://www.engeniustech.com/ai-cloud-edge-camera-surveillance.html

Leave a comment »

Fortinet and Crime Stoppers International Launch Global Cybercrime Bounty Program

Posted in Commentary with tags on November 18, 2025 by itnerd

Fortinet and Crime Stoppers International (CSI), the world’s only global crime reporting platform, today announced the launch of a global partnership and pioneering Cybercrime Bounty program. The partnership with CSI introduces a collaborative program to allow more expansive action against cybercrime, including converged crime. The initial output of the partnership is the Cybercrime Bounty, an initiative designed to encourage individuals worldwide to safely and anonymously report cybercriminal activity, thereby strengthening cyber resilience for organizations and governments and furthering Fortinet’s collaborative efforts with public and private sector partners to advance collective action against cybercrime.

This first-of-its kind Cybercrime Bounty program will demonstrate how collaboration can accelerate innovation, intelligence sharing, coordinated response, and tangible accountability results, driving real cybercrime deterrence and disruption.

Through this unique collaboration, CSI will leverage its trusted anonymous reporting infrastructure to provide a secure channel for citizens and ethical hackers to share information about cyberthreats. Fortinet will contribute its expertise in threat intelligence and cybersecurity innovation to validate, analyze, and put reports into action, where appropriate, routing cybersecurity threat intelligence packages to law enforcement partners for investigations, arrests, and prosecutions.

Together, the shared expertise and resources of the Fortinet and CSI partnership and the Cybercrime Bounty will incentivize disruption, strengthening national and economic security.

A Global Call to Action
The Cybercrime Bounty program represents an unprecedented collaboration between a community-based crime prevention organization and a global cybersecurity leader. It combines CSI’s trusted global network with Fortinet’s world-class threat intelligence expertise to deliver a practical, scalable solution to take on one of today’s most pressing cybersecurity challenges.

Accountability is key to deterrence. Fortinet has committed over 13 years to uniting public and private sectors to systematically disrupt cybercriminal operations and strengthen cyber resilience worldwide. Teamwork is critical to counter cybercriminals. Cybercrime is not a problem any one organization can solve alone; it requires continuous intelligence sharing, education, and a commitment to public-private cooperation at scale. This collaboration with CSI creates a Cybercrime Bounty initiative built to continue scaling deterrence. 

A Global Disruption Framework and United Force Against Cybercrime
The Cybercrime Bounty program and initiative:

  • Fosters community engagement and support: Disrupting organized cybercrime requires a global effort, with strong, trusted relationships between private-sector participants and public-sector organizations to align private intelligence and critical infrastructure at speed and across networks and borders. The Fortinet and CSI Cybercrime Bounty program aligns with other successful public-private collaborations that are dedicated to transparency and accountability. 
  • Scales disruption against cybercrime: Patterns and weak links are in full force now, requiring speed vs. sovereignty to work across borders without losing trust or privacy. Coordinated response and accountability break down the shift from ad hoc cooperation to scalable disruption.
  • Leans into global cybersecurity and cybercrime prevention leadership: As a global leader in cybersecurity and stalwart dedicated to preventing cybercrime through systemic disruption, Fortinet delivers cyberthreat intelligence and visibility into cyber activity through its broad, integrated, and automated protections across the entire digital attack surface. The company also brings its long-standing commitment to pioneering efforts to disrupt cybercrime to this initiative, escalating accountability efforts to deter youth and other aspiring cybercriminals by sending a message that such actions will not go unaccounted for.
  • Leverages Fortinet’s leadership role in shaping global cybersecurity collaboration: Relevant insights and experience that Fortinet brings to this Cybercrime Bounty effort include experience gained as a founding member of the World Economic Forum’s Cybercrime Atlas. The Cybercrime Atlas: Impact Report 2025 highlights the tangible progress achieved through multi-sector collaboration in dismantling cybercriminal networks and building resilience at scale. This cybercrime bounty effort with CSI builds on Fortinet’s long-standing collaborations with esteemed organizations from both the public and private sectors, including government entities, academia, and other public organizations, as a fundamental aspect of Fortinet’s commitment to enhancing global cyber resilience.

Leave a comment »

Vanta Introduces Agentic Trust Platform

Posted in Commentary with tags on November 18, 2025 by itnerd

Vanta today unveiled a number of new products that redefine how enterprises earn and prove trust at scale. Powered by intelligent automation, Vanta’s industry-first Agentic Trust Platform helps teams understand their environment, anticipate what’s next, and automate workflows across compliance, risk, and security assessments.

According to Vanta’s 2025 State of Trust, 72% of business and IT leaders say overall risk is at an all-time high, yet nearly two-thirds spend more time posturing than protecting their organization. This highlights the need to adopt AI in ways that enhance security and decrease busywork.

Vanta’s Agentic Trust Platform brings new industry-defining capabilities including:

  • Vanta AI Agent 2.0: At the intelligent core of the Vanta Agentic Trust Platform, it acts as a 24/7 GRC engineer that understands an organization’s environment – anticipating what’s next, providing proactive, personalized guidance, and keeping compliance in sync.
  • Organizations Center: Organizations Center gives CISOs complete visibility across business units, products, and geographies with AI-powered scoping and audit workflows that simplify the audit process across complex enterprises.
  • Risk Graph: The Vanta Risk Graph turns fragmented risk data into a real-time, actionable map that shows how organizations’ risks connect and spread, pinpoints high-impact issues, and guides action before they escalate.
  • Customer Commitments: Customer Commitments maps customer obligations to the right controls and automates follow-through, ensuring every promise is tracked, met, and transparently communicated.

Vanta AI Agent 2.0 orchestrates trust workflows

Launched in July, the Vanta AI Agent saves customers an average of four hours per week by automating evidence collection and streamlining policy management.

With the launch of the Vanta AI Agent 2.0, it’s evolving into a dynamic 24/7 GRC engineer with complete program awareness and understanding. Powered by context and memory, the Vanta AI Agent 2.0 can expose program gaps, provide proactive, personalized guidance, and even take coordinated actions on critical work.

The Vanta AI Agent can now:

  • Accelerate audit preparation: Automatically collects and validates evidence, eliminating one of the most time-consuming and error-prone parts of audit prep. Asking the agent to help with various elements of audit prep such as identifying updates for a new framework, drafting policies for an office expansion, or recommending privacy adjustments for EU operations generates actionable, tailored responses in seconds.
  • Automate security questionnaires: Takes the first pass at questionnaires – filling in verified answers, surfacing gaps before they slow reviews, and giving teams ready-to-share responses to close deals faster.
  • Review and monitor vendors: Streamlines vendor oversight from discovery and due diligence through continuous monitoring, surfacing high-priority alerts so teams can focus where it matters most.

The Vanta AI Agent 2.0 will be available in the coming months.

Enterprise-grade visibility and control

As companies grow, so does the complexity of their compliance and risk programs with new products, acquisitions and regions introducing additional compliance frameworks and siloed information. Designed for CISOs and GRC leaders, Organizations Center connects multiple Vanta organizations into a single view while maintaining separation where needed. Along with Organizations Center, new enterprise capabilities will allow businesses to:

  • Define scopes across an organization: Defines scope by business unit, product line, geography, or acquisition. Vanta updates automatically as systems, personnel, or vendors change – keeping compliance current without manual effort.
  • Manage auditor requests: Simplifies audit collaboration by managing auditor requests, internal reviews, and evidence evaluation directly in Vanta or through the API.
  • Unify overlapping frameworks: Groups related controls into common requirements with mapped evidence, policies, and risks.

Risk Graph unifies risk management

In a connected business environment, even a single vendor vulnerability or internal misconfiguration can ripple across supply chains. According to Forrester, organizations are expanding their ecosystems of third-party relationships, creating interconnected risk exposure that traditional approaches struggle to manage.

Vanta’s Risk Graph creates a single source of truth for risks across the organization, turning disconnected alerts into a connected map that shows relationships across risks and how they spread throughout an environment. By combining signals from a company’s internal risk environment with third-party insights on vendors and flagging risks as they surface, Vanta’s Risk Graph enables teams to prioritize the highest-impact risks and trigger automated workflows from the Vanta AI Agent. The result is that teams can see not just what the risks are, but how they connect and where to act first.

The Vanta Risk Graph will be available in early 2026.

Customer Commitments keeps customer promises

Once a deal is signed, keeping up with promises made to customers is essential to maintaining trust and driving renewals. But many organizations struggle to manage these promises, especially custom obligations like breach notification SLAs or subprocessor updates. When an incident or vulnerability occurs, teams scramble to identify who they made commitments to – delaying responses and risking broken promises.

Customer Commitments is the only intelligent compliance solution that centralizes, tracks and acts on every promise an organization has made. It sends alerts if commitments are at risk, automates workflows to act on triggered commitments, maps commitments to relevant controls, and keeps customers informed through the Trust Center with verified, transparent updates.

Customer Commitments is in preview and will be available next year.

VantaCon 2025: Agentic Trust Platform

Vanta will debut and demo its Agentic Trust Platform tomorrow, November 19 at 9:30am PT at VantaCon 2025: AI is Rewriting Trust. Speakers from Anthropic, Snowflake, 1Password, Clay, Sierra, Golden State Warriors, Golden State Valkyries, Ramp, Duolingo and more will explore how AI is transforming trust, risk and compliance. To register for the livestream of the product keynote, visit https://www.vanta.com/vantacon.

Leave a comment »

Guest Post: The “qwerty123” is out: “admin” is Canada’s top password in 2025

Posted in Commentary with tags on November 18, 2025 by itnerd

NordPass, together with NordStellar, has released the seventh edition of its annual Top 200 Most Common Passwords research. In addition to identifying the most popular passwords globally and in 44 countries, this year, the research focused on understanding how the passwords used by different generations vary. 

Most common passwords in Canada

Below are the top 20 most common passwords in Canada. The full list of global passwords and those from other countries covered by this research is available here.

  1. admin
  2. 123456
  3. gallant123
  4. password
  5. 1hateyou
  6. 12345678
  7. 123456789
  8. ZZZzzz111
  9. 12345
  10. Password
  11. stinky124
  12. Cutie121
  13. Password1
  14. pelletier123
  15. winners1
  16. wowme234
  17. 123four56
  18. 12345678910
  19. imstupid
  20. 1234567890

Although cybersecurity experts keep repeating that simple passwords are extremely easy to guess using a dictionary and brute-force attacks, Canadians seem to ignore the warnings. Words, number combinations, and common keyboard patterns dominate Canada’s top 20 list.

This year, “admin” is the most common password in Canada, replacing last year’s top choice, “qwerty123,” while “123456” ranks second. However, different variations of the word “password” take up as many as three spots in Canada’s top 20 most common passwords list. Different numeric combinations take up six spots.

Researchers also point out that sports-related terms (e.g., “hockey”) are being replaced by swear words in some countries. But Canadians are too polite for that. Their top 20 lists for both last year and this year contain no profanities.

Global trends 

Globally, “123456” is the most common password, followed by “admin” in second place, and “12345678” in third — another simple numeric sequence. Such weak patterns, ranging from “12345” to “1234567890,” along with common weak passwords like “qwerty123,” dominate top 20 lists across many countries.

Compared to last year, researchers observed a significant increase in the use of special characters in passwords. This year, 32 passwords on the global list include them, a notable rise from just six last year. The most common special character in passwords is “@,” and most of the passwords are unfortunately no more complicated than “P@ssw0rd,” “Admin@123,” or “Abcd@1234.”

The word “password” remains one of the most popular passwords worldwide. It’s used both in English form and in local languages in nearly every country we studied — from Slovak “heslo” and Finnish “salasana” to French “motdepasse” and Spanish “contraseña.” 

“Generally speaking, despite all efforts in cybersecurity education and digital awareness over the years, data reveals only minor improvements in password hygiene. The world is slowly moving towards passkeys — a new passwordless authentication method based on biometric data — but in the interim, until passkeys become ubiquitous, strong passwords are very important. Especially since around 80% of data breaches are caused by compromised, weak, and reused passwords, and criminals will intensify their attacks as much as they can until they reach an obstacle they can’t overcome,” says Karolis Arbaciauskas, head of product at NordPass.

The myth of the “digital native”

Research shows that for Digital Natives — those who grew up immersed in the online world — extensive exposure to technology doesn’t automatically translate into a strong understanding of fundamental password security practices or the severe risks associated with poor choices.

“The password habits of 18-year-olds are similar to those of 80-year-olds. Number combinations, such as ‘12345’ and ‘123456,’ are in the top spots across all age groups. The biggest difference is that older generations are more likely to use names in their passwords,” says Arbaciauskas.

Research reveals that Generations Z and Y rarely use names in their passwords, preferring combinations like “1234567890” and “skibidi” instead. The use of names in passwords becomes more prevalent starting with Generation X, peaking among Baby Boomers. 

Among Generation X, the most popular name used as a password is “Veronica.” For Baby Boomers, it’s “Maria,” and for the Silent Generation, it’s “Susana.”

The full list is available here.

Password safety tips

According to Arbaciauskas, a few basic rules can greatly improve digital hygiene and help avoid falling victim to cyberattacks due to irresponsible password management:

  • Create strong random passwords or passphrases. Passwords should be at least 20 characters long and consist of a random combination of numbers, letters, and special characters. 
  • Never reuse passwords. The rule of thumb is that each account should have a unique password because if one account gets broken into, hackers can use the same credentials for other accounts.
  • Review your passwords. Make sure to regularly check the health of your passwords. Identify any weak, old, or reused ones and upgrade them to new, complex passwords for a safer online experience.
  • Use a password manager. It can help you generate, store, review, and safely manage all your passwords, ensuring they’re well protected, difficult to crack, and easily available when you need them.
  • Turn on multi-factor authentication (MFA). It adds an extra layer of security. MFA helps keep hackers out even if a password gets breached.

Research methodology

This report is the result of a joint effort between NordPass and NordStellar together with independent researchers specializing in research of cybersecurity incidents. Recent public data breaches and dark web repositories were analyzed for passwords exposed from  September 2024 to September 2025, with statistically aggregated data extracted. No personal data was acquired or purchased for this research.

Leave a comment »

« Older Entries
Newer Entries »