Password security is extremely important. No doubt, this is something you have heard before. In fact, it may be something that you hear and then immediately dismiss because you’ve heard it so many times. Why, though, should we not dismiss it? And how much do we really know about password security?

LastPass wrote a very interesting article on the Psychology of Passwords. In it, they included statistics from a poll taken of 3,750 professionals across 7 countries. Today we are going to look at some of those statistics and discuss what they mean for us, and why it matters.

Password Education

What do the statistics show us? To start, only 8% of professionals said that a strong password should not have ties to personal information. This means that many people are creating passwords that involve personal information. Many times, people will use information like birthdays or home addresses in password creation. Why is this alarming?

Over the last two years, our digital lives have grown exponentially. The more accounts being created means the more personal information being shared online, both in password creation and otherwise. If just one of those accounts breached shows a password involving personal information, it means that information is out there and available to malicious parties. Furthermore, in 2021, 27% of those surveyed said they shared photos of their house or neighborhood on social media. This number increased 20% from 2020.

In addition to these figures, people tend to reuse passwords. Is this really such a dangerous behavior?

Why is Reuse so Dangerous?

Is password reuse risk-taking behavior? Yes. This is because just one stolen username and password combination can potentially allow malicious actors to access multiple accounts. “According to a Verizon Data Breach Report, 80 percent of data breaches are the result of poor or reused passwords.” What a staggering number! This is why password reuse can be so dangerous. This danger can be elevated when password reuse is leveraged across corporate networks.

Why do People Engage in Bad Password Behavior?

So, why do people engage in bad password behavior? 68% of people say they reuse their passwords because they are afraid of forgetting them. 52% want to be in control of all their passwords. And 36% say they do not think their accounts are valuable enough for malicious actors.

Be assured, malicious actors will take advantage of any accounts they can leverage. So, what can help us remember our passwords and remain in control of our accounts? Let’s see what good password behavior really looks like.

What is Good Password Behavior?

Keep the following points in mind for good password behavior:

• Each password should be unique
• Use nonsensical combinations of characters
• Employ multifactor authentication
• Be sure to update passwords when notified of a breach

If this list feels daunting to you, there is a tool that can help make it a little easier, especially if you’re worried about remembering your passwords. This tool is called a password manager. Password managers store all your passwords for you and can even provide you with secure and unique passwords. When you use a manager, all you will need to remember is the password for entering the application. This will save you time, mental energy, and likely the headache of forgetting passwords.

Consider also using a passphrase instead of a password. This could be a full sentence from your favorite book, movie, song, etc. Choose something that has meaning to you, but you have not posted about on social media. Using a phrase like this with proper punctuation, capitalization, and spacing will be hard for attackers to brute force or guess, while remaining easy for you to remember.

Secure and Protected

Password security is extremely important. You’ve heard it before, and you will hear it again. Now, though, you may have a clearer understanding of why it is so important. We hope the tips included in this article will help you to be more secure and protected as you move forward.

Sources:
https://blog.lastpass.com/2021/09/new-report-2021-psychology-of-passwords/
https://www.crn.com/news/channel-programs/logmein-poor-or-reused-passwords-responsible-for-83-percent-of-breaches
https://www.social-engineer.com/secure-it-keep-your-digital-profile-safe-from-vishers-and-phishers/

Images:
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQhEBoaydq0EFUjzvgm8dtQmnGowksjleGcRw&usqp=CAU
https://images.idgesg.net/images/article/2018/08/5_password-best-practices_unique-passwords_authentication-100768646-large.jpg?auto=webp&quality=85,70

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer. Read the original post at: https://www.social-engineer.org/social-engineering/password-security/