Despite an increasingly dangerous threat landscape and heightened global awareness of hacking and data breaches, password hygiene leaves a lot to be desired. 91 percent of people know that password recycling poses huge security risks, yet 59 percent still use the same password everywhere.
Users’ behavior in creating and managing secret login data lags behind the rapid evolution of cyber threats, according to statistics compiled by password management experts at LogMeIn. This holds true both in people’s personal lives and at work.
The firm polled 2,000 users across the United States, Australia, France, Germany and the United Kingdom, and found that people are more aware of security best practices, but don’t necessarily apply them.
For example, the number one reason for password reuse is fear of forgetfulness.
“Not only do most respondents (59 percent) use the same password for multiple accounts, but many continue to use that password as long as possible — until required by IT to update or if impacted by a security incident. The fear of forgetfulness was the number one reason for reuse (61 percent), followed by wanting to know and be in control of all of their passwords (50 percent),” according to the report.
Businesses should pay closer attention to staffers’ password hygiene, with nearly 47 percent of respondents saying there is no difference in passwords created for personal and work accounts. 79 percent have between one and 20 online accounts for work and personal use. Only 19 percent are more careful with their work login details, and 38 percent never use the same password for work and personal accounts. Unfortunately, the other 62% percent do.
The survey even found distinct differences in the psychology of users who are diligent with their online credentials versus those who are less meticulous.
“Bad password behavior in Type A personalities stems from their need to be in control, whereas Type B personalities have a casual, laid-back attitude toward password security,” researchers found. “Respondents who identify as Type A personalities are more likely than Type B personalities to stay on top of password security: 77 percent put a lot of thought into password creation, compared to 67 percent of Type B. And Type A users consider themselves informed about password best practices (76 percent) over Type B users (68 percent).”
Lastly, 72% feel well informed on password best practices, but 64 percent of those also prefer a password that’s easy to remember, and they admitted they always choose convenience over security. And while 91 percent are aware of the risks of password recycling, 58 percent mostly or always use the same password or a similar variation of that password for most of their online accounts.
It’s important to give your passwords a refresh every once in a while, as you never know what data breach caused your personal data to leak onto the dark web, where bad actors can use that data for extortion, phishing scams, ransomware, or fraud.
And while a trusted AV solution limits the attack surface for cybercrooks, it’s still your duty – and your duty only – to keep your login credentials safe from prying eyes.