SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Our lax attitude to passwords is 'leaving the front door open' to trouble
Thu, 19th Jan 2017
FYI, this story is more than a year old

The humble password is still creating headaches for internet users across the world – and many people are still using bad password decisions, according to new global research from Kaspersky Lab.

In 2016, internet users are using the same password for multiple accounts, storing passwords insecurely and using weak passwords that are easy to crack, the report, titled Consumer Security Risks Survey 2016, found.

Of users surveyed, 18% stated they've encountered a hack attempt, and only 30% create new, effective passwords for different online accounts.

 One in every 10 respondents uses the same password for all of their online accounts, meaning that if that password is leaked their entire online presence can be hacked, the report found.

These bad decisions are putting online safety at risk and may have far-reaching consequences, Kaspersky Labs says. Internet users across the globe are yet to master how to use passwords effectively to protect themselves online

“Considering the amount of private and sensitive information that we store online today, people should be taking better care to protect themselves with effective password protection. This seems obvious, but many might not realise that they are falling into the trap of making simple password management mistakes,” says Kaspersky Lab's head of consumer business Andrei Mochola.

“These mistakes, in turn, are effectively like leaving the front door open to emails, bank accounts, personal files and more,” he continues.

Those mistakes also include using passwords that just aren't strong enough, with only 47% of respondents using a combination of upper and lowercase letters. Using numbers and letters is a more common technique, as 64% of respondents use this method.

“The Internet has been around for a while now but people are still making simple mistakes when it comes to online passwords. The best passwords cannot be found in the dictionary. They are long, with upper and lowercase letters, numbers and punctuation marks,” Mochola says.

The lax attitudes to passwords continues, with only 51% believing that online banking needs a strong password, followed by 39% for email and 37% for online shopping accounts.

While using weak passwords is one thing, mistreating them is also a problem, the report found. 28% of respondents had shared their password with a close family member, 11% had shared one with friends and 22% wrote their passwords down in a notebook.  Kaspersky Labs says that even if passwords are strong, they can be unintentionally leaked.

“With people having so many online accounts today, it's not easy to remember a secure password for everything. Using a password management solution can help people remember and generate strong passwords to minimise the risk of account hacking online,” Mochola concludes.