Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Survey reveals passwords are weakest link in online security

The survey, conducted amongst more than 250 PC users by Check Point earlier this month, found that, in spite of a poor online password strategy, 57% of those polled had either experienced email or social network hacking, or knew someone who had been affected.

Delving into the survey results reveals that 8% of respondents admitted to copying an entire password found online in a listing of 'good' passwords.

Twenty-nine percent of respondents, meanwhile, had their own email or social network account hacked, and over half (52%) know someone who has had a similar problem.

According to Check Point, the first thing a hacker will do to break into a computer or secure account is try and guess the victim's password.

Automated programs, says the IT security vendor, are now available for hackers to repeatedly guess passwords from a database of common words or other information.

The study also revealed that 22% of respondents had experienced email hacking and 46% know of others who experienced similar email problems.

Bari Abdul, vice president of consumer sales with the IT security vendor, said that, especially now, with online shopping on the rise this holiday season, consumers need to be aware of the importance of passwords and the fact that hackers are getting more and more sophisticated in cracking them.

"By creating a unique password for each important account, consumers create the first line of defence against online thieves who can't wait to gain access to critical data for financial gain", he explained.

To ensure consumers stay safe online and enjoy this holiday season, Check Point has detailed a few tips for creating a strong password:

Users should choose a password that is at least 8 to 10 characters long. This should be long enough to prevent brute force attacks. Since brute force attacks consist of trying every possible code, combination, or a password until the right one is found.

Internet surfers should also ensure that their password is difficult to guess. Do not, says the company, use names of any kind, including your login name, family member's name or a pet's name. Users should also avoid using personal information such as a phone number, birthday or place of birth.

Users should avoid words that can be found in the dictionary. With the availability of online dictionaries it is easy for someone to write a program to test all of the words until they find the right one.

Check Point also recommends that users should stay away from repeated characters or easy to guess sequences such as 77777, 12345, or abcde.

The vendor also recommends that users should choose a password that is a mixture of numbers, letter and special characters. The more complex and random it is, the firm says, the harder it will be for a malicious person to crack.

Other issues to watch out for in password creation include the recommendation of the use of fragments of words that will not be found in a dictionary.

Users should, says Check Point, break the word in half and put a special character in the middle, as well as selecting different and unique passwords for all of the important sites.

Finally, Internet users are recommended to change their passwords often. Even if someone cracks the system password file, the password they then obtain is not likely to last long.

What’s Hot on Infosecurity Magazine?