Hacking account passwords is easy, when 1 in 6 people use their pet's name

Guinea pigA survey of 2000 people, commissioned by Google, has revealed some disturbing truths about passwords.

Here are some of the takeaways:

  • 50% of Britons know someone whose account has been hacked
  • One in six admit accessing someone else's account by guessing their password
  • 10% have guessed a colleague's password
  • Nearly half (48%) of those polled have shared a password with someone else
  • Women are more likely to share their passwords than men, and over twice as likely to share it with their children
  • As many as one in six use a password consisting of their pet's name

Here is Google's table of the most commonly used types of password:

Position Password chosen
1 Pet's name
2 Significant dates (e.g. wedding anniversary)
3 Date of birth of close relation
4 Child’s name
5 Other family member’s name
6 Place of birth
7 Favourite holiday
8 Something related to favourite football team
9 Current partner’s name
10 The word 'password'

Speaking to The Telegraph, Eran Feigenbaum, director of security for Google Apps, underlined the danger of having easy-to-guess passwords and sloppy online security:

"People often leave their information open to online security breaches without even realising it. Lax attitudes to online security can lead to serious consequences if strangers access your information."

"Simple steps such as choosing more complicated passwords, always logging out of services and considering two-factor authentication, which requires more than just a password to access your account, can make a real difference to your security online."

I'm afraid I find this research all too believable.

Despite all the high profile hacks and data breaches reported in the media, most people still haven't learnt the most basic lesson about passwords.

Or, if they have, they've decided to ignore it because it's "too difficult" to remember tricky, hard-to-crack passwords, let alone different passwords for different websites.

Imagine how we would all benefit if there was an educational campaign explaining that easy-to-use password management software exists (often for free) which can remember all your passwords for you, storing them securely, and generate new, complex passwords so you don't end up using "Tiddles" or "Hercules" over and over again...

If you do make the mistake of reusing passwords, you are running the risk of having your password compromised in one place (perhaps via a phishing attack or key logger) and then hackers using it to unlock your other online accounts.

If you find passwords a burden - simply use password management software like LastPass, 1Password, and KeePass to make them both safer and easier to remember.

Tags: , , , ,

Smashing Security audio podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

, , , ,

No comments yet.

Leave a Reply