07/11/18

High-Risk Passwords Still the Norm Even After Massive Data Breaches

Security breaches are happening at an alarming rate—think Equifax, Yahoo!, MyFitnessPal. Yet, in the wake of these breaches, people’s knowledge, feelings, and actions regarding internet security are still hugely problematic.

A recent study conducted by LastPass··· and Lab42 found that “password behaviors remain largely unchanged from two years ago.” According to the study, only 55% of people will update their password when their account has been hacked. That means 45% of people keep the same password for a compromised account.

This is a serious problem because 47% of people say there is no difference in passwords created for work and personal accounts. This means that the breach of one account could lead to the breach of multiple accounts with similar login credentials.

Imagine having your email account hacked and then finding out that your Amazon, iTunes, and Facebook accounts had been compromised soon thereafter. Well, this is the exact peril people are putting themselves in by not practicing smart cybersecurity practices.

In fact, most people don’t even know what smart cybersecurity looks like. According to one study, 80% of respondents knew that Kanye West was married to Kim Kardashian compared to the 15% who knew that longer passwords are more secure.

Speaking of secure passwords, Have I Been Pwned, a website that lets users enter their online details to check if their passwords have been breached in the past, released a list of the least secure passwords. Here’s the top 10:

  1. 123456
  2. 123,456,789
  3. qwerty
  4. password
  5. 111111
  6. 12,345,678
  7. abc123
  8. password1
  9. 1234567
  10. 12,345

These passwords are both a little silly and extremely risky. Of course, passwords in general are moderately risky even if they are used with proper security etiquette. That’s why Chrome and Firefox are leading the charge to kill off passwords on the web for good. Their plan for the future is to work towards using biometric-based systems  – such as fingerprint or face identification – for web authentication.

The benefit of this process is the difficulty for any hacker to replicate a fingerprint and the ease of never having to remember a password. This could be the future of web authentication. An easy, unbreakable system that’s quicker and more secure than using silly passwords like qwerty123.

It takes a little cash to change the world.

So what are you waiting for?

About the author

Andrew Mosteller
Andrew Mosteller
Andrew Mosteller is a freelance writer and regular contributor to Lendio News. His upbringing in an entrepreneurial family nurtured a passion for small business at a young age. Andrew's father, an equity fund manager, taught him the ins and outs of investment financing. Now, Andrew spends his time writing copy for business owners, helping them expand and advertise their unique brands. He's also studying Strategic Communications at the University of Utah. When Andrew's fingers aren't glued to the keyboard, he spends his time reading, podcasting, composing music, and bombing down the ski slopes.

Comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get more small business tips from Lendio.

More like this