The research unearthed three common password mistakes that are putting a large number of Internet users at risk: (1) people use the same password for multiple accounts, meaning that if one password is leaked, several accounts can be hacked. (2) People use weak passwords that are easy to crack and (3) people store their passwords insecurely, defeating the point of having passwords at all.
“Considering the amount of private and sensitive information that we store online today, people should be taking better care to protect themselves with effective password protection. This seems obvious, but many might not realise that they are falling into the trap of making simple password management mistakes. These mistakes, in turn, are effectively like leaving the front door open to emails, bank accounts, personal files and more”, says Andrei Mochola, Head of Consumer Business at Kaspersky Lab.
The research shows large numbers of people (almost one in five – 18 per cent) have faced an account hacking attempt but few have effective and cyber-savvy password security in place. For example, only a third (30 per cent) of Internet users create new passwords for different online accounts and a worrying one-in-10 people use the same password for all their online accounts. Should one password be leaked, these people are therefore at risk of having every account hacked and exploited.
People are also not creating passwords that are strong enough to protect them from hacking and extortion. Only half (47 per cent) use a combination of upper and lowercase letters in their passwords and only two-in-three (64 per cent) use a mixture of letters and numbers. That’s despite the fact that users think their online banking (51 per cent), email (39 per cent) and online shopping accounts (37%) need strong passwords.
The study also shows that people are mistreating their passwords – by sharing them with others and using insecure methods to remember them. Almost a third (28 per cent) has shared a password with a close family member, and one-in-ten (11 per cent) has shared a password with friends, making it possible for passwords to be unintentionally leaked. Over one-in-five (22 per cent) also admitted to writing their passwords down in a notepad to help remember them. Even if a password is strong, this leaves the user vulnerable because other people may see and use it.
Mochola continued, “The Internet has been around for a while now but people are still making simple mistakes when it comes to online passwords. The best passwords cannot be found in the dictionary. They are long, with upper and lowercase letters, numbers and punctuation marks. However, with people having so many online accounts today, it’s not easy to remember a secure password for everything. Using a password management solution can help people remember and generate strong passwords to minimise the risk of account hacking online.”