Despite warnings, most people still don’t change their passwords

64% of people use the same password for some, or even all, of their online accounts, while only 21% use a different password for each account.

These startling findings come from a survey of 1,050 people in the UK carried out by Bilendi on behalf European email services company, GMX. According to the survey, 9% of respondents say that they have never ever changed their main email account password which leaves them especially vulnerable.

Jan Oetjen, Managing Director of GMX, commented: “It’s important for everyone to take the security of their email accounts seriously, as these are at the centre of our digital lives. Once hackers have access to your email account they can quickly take over the rest of your digital accounts by using it to reset all your passwords. Many of these accounts store your credit card or banking information. Moreover hackers are getting very creative at finding new ways to extract money from victims.”

Other survey findings include:

• 21% of respondents said that they used personal information such as their favorite football team, their pet’s name or birthdays when creating passwords. This is particularly risky because this type of information can often be found on social media sites.
• 43% said that the number of different passwords that they had to remember was ‘overwhelming’ and 30% said they had at least 10 different accounts.
• 8% said that trying to remember all their passwords was more stressful than a divorce or changing jobs.
• 40% said that they ‘remembered’ their passwords, followed by 20% who preferred to write them down on a piece of paper. Only a few (8%) said that they use a password manager, a single sign-on service like Facebook or Google (4%) or kept them on a document in the cloud (1%).
• 45% of users include special characters in their passwords such as @ or $, while 32% say their passwords contain fewer than eight letters. Most passwords (35%) have up to ten characters, while 16% are the most security-conscious, with over 12 characters.

GMX experts advise following four rules when choosing passwords:

• Each password should be different for each account.
• Passwords should be at least eight characters long and contain special characters, lowercase and uppercase alphabetic characters, numbers and symbols if permitted.
• Passwords should be difficult for others to guess – not based on information you could find on the internet or which is known to friends or colleagues.
• The best passwords are randomly generated and are not found in a dictionary.