Consumers are reluctant to protect their accounts with multiple strong passwords, yet they worry weak ones will leave them vulnerable to hackers, multiple studies show.
Out of a lack of awareness or a lack of education on security measures, users are not taking the steps needed to decrease online risks.
Some 44% of US consumers use the same password for multiple online accounts, and 39% have checked their financial data online on public networks, according to MasterCard’s Emotion of Safety & Security Survey.
Only 30% of US consumers are confident their passwords will protect their online accounts. Meanwhile, consumers have an average of 24 online accounts, but use only six unique passwords to protect them. Nearly three quarters of the accounts use duplicate passwords, Consumer Account Security Report shows, a study conducted by Qualtrics and SSI. Consumers rarely change their passwords. Almost half (47 percent) use a password that hasn’t been changed in five or more years and 77% use a password that is at least a year old.
The 10 most used passwords worldwide in 2014 are easily guessable: 1. 123456; 2. Password; 3. 12345; 4. 12345678; 5. Qwerty; 6. 123456789; 7. 1234; 8. Baseball; 9. Dragon; 10. Football. In 2014, the top 10 passwords represented about 1% of passwords exposed, according to Splash Data. Passwords comprised of numbers alone, especially sequences, should be avoided.
Websites now require stronger passwords or combinations of letters and numbers to enhance security and avoid hacks.
According to Microsoft a strong password:
- is at least eight characters long.
- does not contain your user name, real name, or company name.
- does not contain a complete word.
- is significantly different from previous passwords.
- contains uppercase letters, lowercase letters, numbers and symbols found on the keyboard.
Remember your strong password by following these tips:
- Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as My son’s birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4for your password.
- Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, My son’s birthday is 12 December, 2004 could become Mi$un’s Brthd8iz 12124 (it’s OK to use spaces in your password).
- Relate your password to a favorite hobby or sport. For example, I love to play badminton could become [email protected]()n.
61% of consumers have not enabled two-factor authentication for any online accounts. Here is a simple guide that helps you enable this feature.