Survey Reveals Lax Attitudes to Password Security

Written by

Around 38% of people never update their passwords, according to a survey by Specops Software which has revealed some concerning trends regarding password safety.

Another finding was that a third of the population use the same password for streaming services such as Netflix as they do for more sensitive accounts like online banking. Additionally, just 3.45% of respondents changed their password twice a year and 29.03% said they don’t use more than one password across all their accounts. Overall, 32.26% thought that it is not that serious to have just one password. This is despite the advice of security experts that passwords should be changed regularly and vary across different accounts.

Specops undertook the survey of 1353 people following the hacking of the social app Houseparty, in which users’ details were stolen. This led to a spate of other hacks as many of the victims used the same password across multiple accounts. Only 13.79% changed their passwords in an attempt to prevent hackers accessing other accounts once news broke of the attack, while 62.07% were not worried at all about it affecting other accounts.

Sharing the passwords of streaming services with friends and family was also shown to be commonplace, with 51.51% saying they did this. Amongst Netflix users in the survey, password sharing was practiced by 66.67%. Worryingly, 21.43% said they did not know whether the people who they share passwords with shared them with other people.

Specops Software set out the following tips for people to reduce the risk of being hacked:

  • Regularly change your passwords (at least once a year)
  • Don’t use the same passwords for social media, streaming and other non-sensitive accounts as you do for sensitive accounts like online banking
  • Use more than one password, reducing the risk of hackers accessing multiple accounts with ease
  • Create strong passwords, using numbers, letters, varying capitalized and non-capitalized letters and avoiding anything personal that could easily be guessed

What’s hot on Infosecurity Magazine?