People know reusing passwords is risky – then do it anyway


And most people don’t change their password even after hearing about a breach, a survey finds

While nearly all respondents in a recent survey were aware of the risks associated with poor password hygiene, most people don’t do anywhere near enough to keep attackers at bay, the third installment of the LastPass Psychology of Passwords Report has revealed.

As many as 9 in 10 respondents surveyed by the password manager purveyor acknowledged knowing that recycling the same password or using a variation of it across multiple accounts was risky. Still, two-thirds used the same password or a derivative for all their online accounts, which is actually an increase of 8 percentage points from the survey conducted in 2018. The new edition of the survey took place in March of this year and canvassed opinions from 3,250 people on various continents.

The report also reveals that 53% of respondents haven’t changed their password in the last year even after they heard about a breach in the news. Also, 4 in 10 people believe that having an easy-to-remember password is more important than a secure password. Apparently some take it a bit too far, since studies have shown that year after year, passwords such as “12345”, “123456” and “123456789” top the lists of the most popular passwords.

One of the reasons people don’t apply proper password hygiene is that they underestimate the risk. In fact, 4 in 10 think that their accounts aren’t worth the hacking effort. One thing to remember is that everyone is a target. Your information can be part of a breach that involves millions of stolen credentials. That data can then be used to piece together other information, since if you recycle your passwords, bad actors can gain access to other services, including your online banking.


Speaking of which, almost three-quarters of respondents concurred that financial accounts need extra protection. About half said that email accounts needed stronger passwords since those are usually at the center of people’s digital identities and can contain tons of exploitable data. A third considers medical records sensitive enough to require protection by stronger passwords as well.

Luckily, most respondents realize that there are additional steps they can take to secure their accounts, such as multi-factor authentication (MFA). Only 1 in 5 wasn’t aware of what MFA was, while over half said that they use it to secure their personal accounts and 37% use it at work.

To sum it up, you should avoid creating simple passwords and recycling them across accounts – two of the common password mistakes people make. Instead, opt for long passphrases, consider using a password manager and add that extra protection layer with MFA, whenever available.




