Skip to main content
We're here with practical tax information for your business. Find out about business taxes, tax planning and more.

Search

  1. News
  2. Small business news

Making tax digital

Making Tax Digital is transforming the UK tax system. Sole traders, landlords and VAT-registered businesses will need to keep digital records and report income and expenses online.

Tax rates and tax thresholds

We've scoured the web to get you the most up-to-date advice which includes the most useful tools on offer from the officials themselves.

Business tax planning

Effective tax planning is essential if you are to minimise your tax bills. Simple tax planning can significantly reduce your tax liabilities.

Tax self-assessment

The self-assessment tax return is an unavoidable burden if you are liable for self-employed tax or have complicated income tax affairs.

Corporation tax

Corporation tax is charged on a company's profits. If you trade as a limited company, ensure that paying this tax is as painless as possible.

National Insurance

National Insurance Contributions (NICs) are payable whether you are self-employed or employed by your own company, although different rates apply.

Payroll and benefits

As well as your legal obligations, you’ll want to ensure that payroll is painless and that you use any opportunities to improve your tax-efficiency.

VAT

Effective VAT planning aims to ensure that VAT is relatively painless, and that you are reclaiming as much as possible of the VAT you pay.

Capital gains

Capital gains are made when you sell something for more money than you paid for it. As a result, you can be subject to tax. Take professional advice.

Commercial property taxes

Business property taxes apply to businesses with commercial premises.There are two commercial property taxes: business rates and stamp duty land tax.

Tax problems and investigations

If you have tax problems or face a tax investigation, it pays to seek professional advice and you must act rather than just hoping for the best.

Research shows weak passwords plague businesses of all sizes

3 September 2025
Submitted by Anonymous (not verified) on Wed, 09/03/2025 - 12:45

New study reveals poor password hygiene across small, medium, and large companies - putting sensitive data at risk.

When it comes to cybersecurity, size doesn’t always mean strength. NordPass, together with cybersecurity experts from NordStellar, has analysed thousands of credentials used across various industries and found one common thread in their newest research: weak passwords are everywhere, from local shops to global corporations.

"These are the organisations handling customer data, financial transactions, and sensitive intellectual property. Yet even at the enterprise level, we still see weak and reused credentials - and that’s an open invitation to attackers," says Karolis Arbaciauskas, head of product at NordPass.

The top 20 not-so-secret enterprise passwords

The research highlights how small businesses, mid-sized firms, and enterprises are using login details that would make any attacker’s job easy. Among the worst offenders are familiar classics like “123456”, “password”, and “11111111”, as well as company-related phrases and predictable number patterns.

Small businesses showed particularly casual habits, with passwords such as: 123456, ABCDEF, seila98, rally95fo, prestashop_demo, user@123, studlgu$$, Abcd1234, regalo111, and many more predictable passwords.

Enterprises, despite greater resources and higher stakes, were far from immune. Here are the top 20 not-so-secret passwords:

  1. 123456789
  2. 123456
  3. 12345678
  4. 11111111
  5. 123123
  6. 00000000
  7. password
  8. a123456
  9. 12345
  10. 1234567890
  11. a123456789
  12. 88888888
  13. qq123456
  14. 123321
  15. 000000
  16. 987654321
  17. woaini1314
  18. FQRG7CS493
  19. 123456789a
  20. P@ssw0rd

Why it matters

Weak or reused passwords remain a primary cause of breaches, phishing success, and credential-stuffing attacks. For small businesses, it could mean operational downtime or reputation loss; for enterprises, the stakes include regulatory fines, supply chain exposure, and significant financial damage.

The fix is simple, but often overlooked:

  • Ban default and predictable passwords. Companies need to enforce strong password policies, requiring complexity and regular updates to keep accounts secure.
  • Train staff regularly on cybersecurity basics. Employees remain the biggest entry point for attackers. Regular workshops and reminders about phishing, password hygiene, and safe sharing practices can drastically reduce risks.
  • Use a business-grade password manager. Password managers allow companies to securely store, share, and generate strong credentials. They also help avoid risky habits like writing down passwords or reusing them across multiple platforms.
  • Move toward passkeys and multi-factor authentication. MFA adds an extra layer of protection by requiring additional verification, while passkeys are an even stronger, passwordless option that’s gaining traction in enterprise security.

"Whether you’re a two-person start up or a multinational, your cybersecurity is only as strong as your weakest password," Arbaciauskas adds. "It’s time to treat credentials with the same care as your most valuable assets."

Story issued by Gabriele Gecaite, Nordpass Public Relations.

News type: 
Small business news

Stay up-to-date with business advice and news

Sign up to this lively and colourful newsletter for new and more established small businesses.