Passwords are everywhere. From logging in to our social media accounts to buying new shoes, we wouldn’t be able to get much done without first logging in to an account with a password. The problem is, as more and more of our everyday lives have gone online, we’ve had to create more and more passwords — and that can cause problems. After all, who among us uses a different password for each and every site? Perhaps not many of us, if we’re being honest.
Indeed, according to new research from Kaspersky Lab, people tend to fall into one of two camps: those who use passwords that are complex but difficult to remember and those who create passwords that are easy to remember but easy to crack.
Those of us who create complex but difficult to remember passwords may have more secure accounts, but sadly they also have a tendency to forget these passwords. After all, it’s a lot easier to remember password123 than to remember Pa$$W0rdTh3G14nT123.
And a fair number of people surveyed understood the need for complex passwords, with 63% selecting online banking accounts, 42% payment applications including e-wallets, and 41% online shopping as types of accounts that need the most secure passwords. However, 51% of people admitted to storing their passwords insecurely, and a staggering 23% said they store them on a notepad.
According to the research, a disheartening 10% of people surveyed admitted to using the same password for every account they own — a practice that increases the very real risk of account compromise. Reuse one password for all accounts and you ensure that if one account is compromised, they all are. You can check to see which accounts of yours could be compromised here. On top of that, the research showed that 17% of those surveyed had faced the threat of account compromise, or actually had an account compromised, in the past 12 months.
However, if you’re looking for some quick tips, resident tech expert David Emm suggests the following:
- Make every password at least 15 characters long — the longer the better.
- Don’t make passwords guessable. There’s a good chance that personal details such as your date of birth, place of birth, partner’s name, and so forth can be found online — for example, on your Facebook wall.
- Don’t use real words. They are open to “dictionary attacks,” someone using a program to quickly try a huge list of possible words until they find one that matches your password.
- Combine letters (including uppercase letters), numbers, and symbols.
- Don’t “recycle” passwords — say, david1,” “david2,” “david3,” etc.
- Use a different password for each account to prevent all of your accounts becoming vulnerable.
- If you suspect your password has been compromised, change it immediately.