Breaches, hacks and corporates possibly using ‘password’ as their, erm, password.
It’s been a pretty bad week or two in the InfoSec world. Well, that is unless you’re one of the lucky ones being paid to clean up.
So, with that in mind, it is hardly surprising to hear that savvy Brit computer users are wising up and using hard-to-guess passwords which differ from account to account.
What’s that I hear you say?
Here we go again… more than 40% of the British public think their passwords are so secure that a hacker will never guess them. Only they probably aren’t.
Around one third of the 1,000 survey respondents admitted that they actually concocted a password in the time-honoured fashion of taking a name or date of birth and doing precisely nothing with it, other than inserting it straight into the box that says ‘Create Password’.
Well at least they don’t make the same mistake twice.
Or do they?
Yep, you guessed it, 63% of those questioned said, yes, they do reuse the same password over and over again.
So, the only hope is that they change those insecure passwords on a frequent basis, isn’t it? But, no, not everyone does that. In fact, 21% of the surveyed Brits said they would never change their password unless expressly prompted to do so.
At least none of us here in Blighty are so stupid as to write our passwords down on a post-it note though. No-sirree, not us – we use our phones and computers to keep track of our login credentials instead. Or at least 17% of us do (and I’m one of the 83% who don’t, before you even think it!)
Commenting on the survey’s findings, a Redcentric spokesperson said:
“Online security is paramount in this day and age, especially as people are able to carry out more day-to-day tasks online such as shopping, banking and running businesses.
There are obvious concerns when people are using the same passwords over different accounts, especially if those accounts hold personal or financial information. We recommend that you change your password every month or so depending on the kind of account it is, rather than just doing it when prompted.”
What password mistakes do you make? (hint: answering “none” would be the only correct answer)
And what needs to be done to educate the Brits implicated above, as well as the millions of other users around the world? Is it education? Is it awareness? Is it culture? Or is it just plain laziness on their part?