Passwords are valuable information and when they fall in the wrong hands, the end result can be a personal and financial disaster. Many people have established secure password habits but a surprisingly large number still rely on just one password for all their needs.
According to a survey by F-Secure, about 20% of Internet users in Germany, Sweden and the UK use the same passwords for everything – from credit cards to online banking to logging into their e-mail account or a game website. About 20% write their password on a piece of paper, while 8% have to reset their passwords frequently because they forget them so easily.
Another F-Secure survey conducted in seven countries reveals that, on average, only about 50% of mobile phone users protect their phones with a password. According to the survey, Germans are the most security conscious with 68% locking their phones with passwords, while the British (27%) and Americans (13%) lag far behind in terms of safe mobile phone use.
Sean Sullivan, Security Advisor at F-Secure, says, “With so many logins to deal with these days, it is tempting to use just one or two passwords for everything. Unfortunately it is also a recipe for disaster because there is a whole industry of cybercriminals constantly devising new ways to steal passwords and exploiting them to the full.”
Bogus e-mails asking for confirmation of user names and passwords have long been used by criminals to dupe people into revealing their banking details and other personal information. The rapid growth of Facebook has also made it an attractive target for criminal scams designed to steal passwords. By compromising Facebook accounts, criminals hope to access people’s e-mail accounts, opening up a wealth of other confidential information. People using the same password for everything have the most to lose.
Sean Sullivan says, “Never use information that you reveal on Facebook for your passwords, such as your birthday, name or pet names. I urge everyone to take a few minutes to learn a system that creates unique passwords. This is especially critical for any online services where personal information is available about you.”