Hacking account passwords is easy, when 1 in 6 people use their pet’s name

Graham Cluley

Guinea pigA survey of 2000 people, commissioned by Google, has revealed some disturbing truths about passwords.

Here are some of the takeaways:

  • 50% of Britons know someone whose account has been hacked
  • One in six admit accessing someone else’s account by guessing their password
  • 10% have guessed a colleague’s password
  • Nearly half (48%) of those polled have shared a password with someone else
  • Women are more likely to share their passwords than men, and over twice as likely to share it with their children
  • As many as one in six use a password consisting of their pet’s name

Here is Google’s table of the most commonly used types of password:

Position Password chosen
1 Pet’s name
2 Significant dates (e.g. wedding anniversary)
3 Date of birth of close relation
4 Child’s name
5 Other family member’s name
6 Place of birth
7 Favourite holiday
8 Something related to favourite football team
9 Current partner’s name
10 The word ‘password’

Speaking to The Telegraph, Eran Feigenbaum, director of security for Google Apps, underlined the danger of having easy-to-guess passwords and sloppy online security:

"People often leave their information open to online security breaches without even realising it. Lax attitudes to online security can lead to serious consequences if strangers access your information."

"Simple steps such as choosing more complicated passwords, always logging out of services and considering two-factor authentication, which requires more than just a password to access your account, can make a real difference to your security online."

I’m afraid I find this research all too believable.

Despite all the high profile hacks and data breaches reported in the media, most people still haven’t learnt the most basic lesson about passwords.

Or, if they have, they’ve decided to ignore it because it’s “too difficult” to remember tricky, hard-to-crack passwords, let alone different passwords for different websites.

Imagine how we would all benefit if there was an educational campaign explaining that easy-to-use password management software exists (often for free) which can remember all your passwords for you, storing them securely, and generate new, complex passwords so you don’t end up using “Tiddles” or “Hercules” over and over again…

If you do make the mistake of reusing passwords, you are running the risk of having your password compromised in one place (perhaps via a phishing attack or key logger) and then hackers using it to unlock your other online accounts.

If you find passwords a burden – simply use password management software like Bitwarden, 1Password, and KeePass to make them both safer and easier to remember.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.




Stay informed!

Join thousands of others by signing-up for the free “GCHQ” newsletter, containing the latest news and tips from security expert Graham Cluley.

Name:

Email:

Yes, I would like to subscribe to email updates from Graham Cluley. I know it’s easy to unsubscribe if I ever change my mind.