Overwhelmed by electronic passwords? Here's how to navigate your way to sanity
A global study has revealed that only about 24% of employees save their electronic passwords — leaving a significant number at the mercy of hackers.
The study, by KnowBe4 Research which evaluates organisations’ security culture, surveyed 160,000 people worldwide.
It concluded that up to 76% of employees were likely to re-use the same, simple passwords on multiple platforms.
KnowBe4 Research MD Kai Roer warned that this puts many at risk from hackers.
“Most of us use a whole host of online services and systems requiring passwords, both at work and at home. By using the same password at multiple locations or a short password that is easy to remember, you are making it easier for hackers to access your accounts,” Roer said.
The survey found three out of four people did not write down passwords. “This is the one thing we all have in common — we don’t like to memorise a multitude of different passwords for all of our online accounts,” the company warned in a statement.
Gathered data indicated that as many as four out of five people in the banking, consulting and technology sectors did not write down or store their passwords.
Roer said this was alarming: “With access to so much sensitive information, the password routines in such companies should be better.”
The firm said advice about password routines had not been particularly consistent over the years, while the number of sites and systems requiring a login password had multiplied exponentially.
For years, companies would tell employees to not write down their passwords. Later, employees were asked to create complex and unique passwords which were difficult to remember. Many employees responded by reusing passwords.
“This is human nature. Fortunately, there are solutions,” said Roer.
The company said it was crucial to save passwords in a place no-one else had access to, such as a mobile phone, notebook or password manager.
“Do a thorough cleanup of your passwords. This is a simple, but extremely important resolution that is easy to keep. If you are unsure whether it’s worth your time, visit the website ‘Have I Been Pawned’. There you will find almost 10.5 billion stolen usernames and passwords,” he said.
The company offered three tips for good passwords:
• Create unique, slightly longer passwords. The safest solution is to create a unique password for each service you use. Passwords do not have to be a single word, they could be a simple sentence or a random sequence of digits, letters and special characters.
• Write your password down somewhere no-one else has access to. With many unique passwords, it can be difficult to remember them all. Write them down, but make sure no-one else has access to the list.
• Use a “password manager”. This is a safe and secure way to avoid having to remember complex, unique passwords. There are plenty of good programs and applications available. Consult your IT department at work; they will be able to advise you.