F-Secure research shows persistent password trouble

According to the Scandinavian-headquartered IT security vendor, whilst many people have established secure password habits, a surprisingly large number still rely on just one password for all their needs.

In a survey of around 1500 internet users in Germany, Sweden and the UK, about 20% responded that they use the same passwords for everything – from credit cards to online banking to logging into their email account or a game website.

Incredibly, about 20% write their password on a piece of paper, while 8% have to reset their passwords frequently because they forget them so easily.

Sean Sullivan, an F-Secure security advisor said that, with so many logins to deal with these days, it is tempting to use just one or two passwords for everything.

"Unfortunately it is also a recipe for disaster because there is a whole industry of cybercriminals constantly devising new ways to steal passwords and exploiting them to the full", he said.

The problem, he explained, is that messages asking for confirmation of user names and passwords have long been used by criminals to dupe people into revealing their banking details and other personal information.

The rapid growth of Facebook has also made it an attractive target for criminal scams designed to steal passwords. By compromising Facebook accounts, F-Secure says that criminals hope to access people's email accounts, opening up a wealth of other confidential information.

Sullivan says that users should never use information that you reveal on Facebook for your passwords, such as your birthday, name or pet names.

"I urge everyone to take a few minutes to learn a system that creates unique passwords. This is especially critical for any online services where personal information is available about you", he said.

The F-Secure security advisor added that mixing letters and numbers is a good idea for a more secure password.

"But is it feasible to remember a unique password for every website we visit? One simple way for [creating] strong passwords is described on F-Secure's Safe and Savvy blog", he noted.

What’s hot on Infosecurity Magazine?