Recently, Microsoft acknowledged that passwords are inconvenient and a drain on productivity. Yet, as with email addresses, there are no viable alternatives to passwords. Sure, authentication methods such as two-factor authentication (2FA) provide users with an additional layer of security, but they neither eliminate the requirement for passwords nor solve the password reusability issue.
Password reusability is a real culprit
A recent study conducted by LastPass shows over 50 percent of people haven’t changed their passwords in the last 12 months even after they came to know about a breach in the news. Meanwhile, 42 percent of people believe that having an easy-to-remember password is more important than one that is highly secure.
LastPass, a password manager app, enables users to store passwords so that they don’t have to remember them. But as is the case with any password manager, users must remember one master password that allows them to safeguard and retrieve all the other username and password credentials stored in the app.
As for the study titled Psychology of Passwords: The Online Behavior That’s Putting You at Risk, LastPass surveyed 3,250 respondents worldwide:
“Our Psychology of Passwords report examines online security behaviors of 3,250 global respondents, and it shows that people aren’t protecting themselves from cyber security risks even though they know they should. Cognitive dissonance prevails.”
42% of people believe their accounts aren’t worth a hacker’s time
Interestingly, the study also highlights discrepancies between what people know and what they subsequently do.
Although 91 percent of users claim they understand the risk involved with using the same or a variation of the same password, only 25 percent of people have addressed this issue with their actions while a significant portion of users (66 percent) continue to use the same password or a variation.
While 80 percent of users admit that having their passwords compromised is something they are concerned about, 48 percent of people say they don’t change their passwords unless it’s required. Sadly, the rate at which people have stopped changing their passwords has increased by 8 percent from 2018.
Last but not least, while 77 percent of users claim they are aware of some of the best password-protection techniques, 54 percent of people keep track of their passwords by memorizing them.
“Reusing the same password across all or most of your accounts means that if a hacker gains access to one of your accounts, they have access to all. Also, if you use the same passwords at home and at work, you’re putting your organization at risk of breach as well.”
We have compiled a list of some of the interesting findings from the research, as follows:
- While 71 percent of respondents said they had somewhere between 1 and 20 online accounts, the number of online accounts people have on average is 38.
- 42 percent of people believe their accounts aren’t worth a hacker’s time.
- While 60 percent of people are afraid of forgetting their login credentials, 52 percent of users want to be in control and know all their passwords.
- 25 percent of users reset their password at least once every month because they forget their passwords.
- 22 percent of users think they could guess their significant other’s password.
The report further highlights the importance of multi-factor authentication, which provides an additional layer of security to 2FA. Previously, Microsoft revealed that over 99 percent of accounts compromised in January this year did not use multi-factor authentication.