• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Encryption   »   Majority of consumers raising risk with recycled passwords

Majority of consumers raising risk with recycled passwords

  • Posted on:October 3, 2012
  • Posted in:Encryption
  • Posted by:
    Trend Micro
0

Using a complex password may not be enough to protect consumers if they insist on using the same combination to cover too many accounts. According to a recent survey by fraud-detection company CSID, six out of 10 consumers use the same limited set of passwords in all their web activity, despite potentially raising the risk of a data security breach.

According to the survey, 54 percent of respondents had five passwords or fewer, and 44 percent changed their passwords once a year or less. As a result, compromising a single website could grant a hacker access to a range of user accounts.

An easily overlooked problem
Having a complex password is only one part of data protection best practices. Many consumers do not realize that reusing the same login information can be dangerous, according to CSID CIO Adam Tyler. Yet 21 percent of survey respondents had experienced an online account breach.

The worst offenders are users under the age of 24. More than half of respondents claimed memorization was an issue driving password reuse, which PCWorld noted may signal a lack of familiarity or trust in password vault services such as LastPass or DirectPass.

Many users reported that they regularly access fewer than half a dozen sites, which might have been a factor in the limited number of passwords being used. Nonetheless, consumers can take certain steps to make managing multiple passwords an easier and more secure process regardless of the number of passwords they are using.

Tips for creating secure passwords
The first step in securing online accounts, according to experts, is adopting a secure password that is longer than 10 characters. A recent Trend Micro guide laid out several other tips for a secure password:

– Longer is better, as is random
– Replacing letters with numbers or punctuation marks is recommended
– Consumers should use nonconsecutive numbers and avoid using personally identifiable numbers such as a birthday
– A three-word nonsensical “passphrase” can offer more security than a simple password
– Users should never reuse passwords and should instead take the time to create a unique password for each online account

Yet, as the CSID study showed, a secure password is just the beginning. It can be important to follow other management tips to keep data safe across multiple accounts.

Managing multiple passwords
In addition to creating secure passwords, it is important to lock down other parts of online account security, and it is critical that users be able to keep track of the passwords they have created.

Trend Micro’s guide offered a range of other tips for managing passwords beyond basic security measures. Users should be creative when selecting their account’s initial security questions and consider choosing answers that are out-of-context. Avoiding phishing by not clicking on suspicious links is important as well.

One critical way to manage passwords is by reducing digital clutter in the form of unused accounts that are no longer needed. This approach disposes of overlooked vulnerabilities. Regularly patching and upgrading software is also an important way of staying up-to-date against threats.

Consumers can limit what they share on social networks in order to avoid exposing private information that could make it easier for hackers to guess passwords or answers to security questions.

One of the most useful tools is a password manager service, such as Trend Micro’s DirectPass, which can keep track of credentials across multiple online accounts. Users only need to remember one master password to access the service before sitting back and allowing the software to generate and securely store unique and extremely complex combinations for each account. As a result, users can strike a balance between the hassle of remembering potentially dozens of lengthy passwords and the danger that could come from recycling a few simple combinations.

Data Security News from SimplySecurity.com by Trend Micro

Related posts:

  1. Keep Cybercriminals Guessing with Unique Passwords
  2. Are Your Passwords Secure Enough?
  3. Recycling Passwords is “Cybercriminally” Friendly
  4. Passwords remain fundamental to effective Internet security

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Fujitsu and Trend Micro Demonstrate Solution To Secure Private 5G
  • Trend Micro Receives 5-Star Rating in 2021 CRN® Partner Program Guide
  • Smart Factory Cyber Attacks Knock Out Production for Days
  • Eliminate Hesitations: Security Simplified For Those Building In The Cloud
  • Nuffield Health Depends on Managed XDR with Trend Micro Vision One
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.