Story image

Our lax attitude to passwords is 'leaving the front door open' to trouble

19 Jan 17

The humble password is still creating headaches for internet users across the world – and many people are still using bad password decisions, according to new global research from Kaspersky Lab.

In 2016, internet users are using the same password for multiple accounts, storing passwords insecurely and using weak passwords that are easy to crack, the report, titled Consumer Security Risks Survey 2016, found.

Of users surveyed, 18% stated they’ve encountered a hack attempt, and only 30% create new, effective passwords for different online accounts.

 One in every 10 respondents uses the same password for all of their online accounts, meaning that if that password is leaked their entire online presence can be hacked, the report found.

These bad decisions are putting online safety at risk and may have far-reaching consequences, Kaspersky Labs says.
Internet users across the globe are yet to master how to use passwords effectively to protect themselves online

“Considering the amount of private and sensitive information that we store online today, people should be taking better care to protect themselves with effective password protection. This seems obvious, but many might not realise that they are falling into the trap of making simple password management mistakes,” says Kaspersky Lab’s head of consumer business Andrei Mochola.

“These mistakes, in turn, are effectively like leaving the front door open to emails, bank accounts, personal files and more,” he continues.

Those mistakes also include using passwords that just aren’t strong enough, with only 47% of respondents using a combination of upper and lowercase letters. Using numbers and letters is a more common technique, as 64% of respondents use this method.

“The Internet has been around for a while now but people are still making simple mistakes when it comes to online passwords. The best passwords cannot be found in the dictionary. They are long, with upper and lowercase letters, numbers and punctuation marks,” Mochola says.

The lax attitudes to passwords continues, with only 51% believing that online banking needs a strong password, followed by 39% for email and 37% for online shopping accounts.

While using weak passwords is one thing, mistreating them is also a problem, the report found. 28% of respondents had shared their password with a close family member, 11% had shared one with friends and 22% wrote their passwords down in a notebook.  Kaspersky Labs says that even if passwords are strong, they can be unintentionally leaked.

“With people having so many online accounts today, it’s not easy to remember a secure password for everything. Using a password management solution can help people remember and generate strong passwords to minimise the risk of account hacking online,” Mochola concludes.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.