A survey of 2000 people, commissioned by Google, has revealed some disturbing truths about passwords.
Here are some of the takeaways:
- 50% of Britons know someone whose account has been hacked
- One in six admit accessing someone else’s account by guessing their password
- 10% have guessed a colleague’s password
- Nearly half (48%) of those polled have shared a password with someone else
- Women are more likely to share their passwords than men, and over twice as likely to share it with their children
- As many as one in six use a password consisting of their pet’s name
Here is Google’s table of the most commonly used types of password:
|2||Significant dates (e.g. wedding anniversary)|
|3||Date of birth of close relation|
|5||Other family member’s name|
|6||Place of birth|
|8||Something related to favourite football team|
|9||Current partner’s name|
|10||The word ‘password’|
Speaking to The Telegraph, Eran Feigenbaum, director of security for Google Apps, underlined the danger of having easy-to-guess passwords and sloppy online security:
"Simple steps such as choosing more complicated passwords, always logging out of services and considering two-factor authentication, which requires more than just a password to access your account, can make a real difference to your security online."
I’m afraid I find this research all too believable.
Despite all the high profile hacks and data breaches reported in the media, most people still haven’t learnt the most basic lesson about passwords.
Or, if they have, they’ve decided to ignore it because it’s “too difficult” to remember tricky, hard-to-crack passwords, let alone different passwords for different websites.
Imagine how we would all benefit if there was an educational campaign explaining that easy-to-use password management software exists (often for free) which can remember all your passwords for you, storing them securely, and generate new, complex passwords so you don’t end up using “Tiddles” or “Hercules” over and over again…
If you do make the mistake of reusing passwords, you are running the risk of having your password compromised in one place (perhaps via a phishing attack or key logger) and then hackers using it to unlock your other online accounts.