Poor Password Habits Can Endanger Business
-
Poor Password Habits Can Endanger Business
Most people use easy-to-remember passwords because their fear of forgetting is stronger than their fear of being hacked. That creates problems for companies. -
Most Breaches Abuse Passwords
63% of breaches in 2016 used weak, default or stolen passwords, so companies should urge employees to create strong, unique passwords with a minimum of 12 to 14 characters that include numbers, letters and symbols. -
How Users Describe Secure Passwords
Combination of letters, numbers and symbols: 82%, Upper- and lower-case letters: 69%, 12 characters or more: 67%. -
How Users Create Passwords
Initials, or friends or family names: 47%, Significant dates and numbers: 42%, Pet names: 26%, Birthdays: 21%, Hometowns: 14% School names or mascots: 13% -
Cognitive Dissonance
91% of respondents know that there is a risk associated with reusing passwords, yet 61% reuse the same or similar passwords anyway. -
What People Protect the Most
Financial data: 69%, Retail: 43%, Social media: 31%, Entertainment: 20% -
Personal Versus Work Password Habits
39% of the respondents said they create more secure passwords for personal accounts than they do for work accounts. -
Your Personality Can Get You Hacked
Personality has an impact on how people rationalize their online security behavior. Type A personalities' password behavior stems from their need to be in control. Type B personalities rationalize their poor behavior by convincing themselves that their accounts are of little value to hackers. -
Type A Personalities and Password Behavior
Control: 35% reuse because they want to remember all passwords. Detail-oriented: 49% have a personal "system" for remembering passwords. Deliberate: 66% are proactive in order to help keep personal information secure. Driven: 86% said having a strong password makes them feel that they are protecting themselves and their family. -
Type B Personalities and Password Behavior
Nonchalant: 45% believe their accounts are not worth hackers' time. Laid-back: 43% prioritize a password that is easy to remember over one that is secure. Flexible: 50% feel they should limit their online accounts and activities for fear of a password breach. Preoccupied: 86% feel other factors besides a weak password could compromise their online security.
Although most individuals know what safe passwords should be, most people tend to ignore what they know and instead use easy-to-remember passwords because their fear of forgetting is stronger than their fear of being hacked, according to a recent study on the psychology of passwords. "Most admit to knowing better, but still implement poor choices and tactics in creating and managing passwords for their digital lives," the report concludes. "It further enforces the message that knowing the right thing to do and actually doing the right thing are completely separate discussions when it comes to password habits." Many factors drive these behaviors, including increasing complexity, the growing number of accounts, and overall password and security fatigue—and hackers count on these behaviors to breach accounts. Since these poor habits affect work as well as personal passwords, they are a major concern to CIOs, CISOs, and other tech and business executives. LastPass, a software developer that makes a so-called "password vault," commissioned the study, which was conducted by market research firm Lab 42. Responses were received from about 2,000 individuals in Australia, France, Germany, New Zealand, the United Kingdom and the United States.