Improve Password Security Behavior

Improve Password Security Behavior

November 18, 2020

A recently published global survey relating to password security and online user behavior, has exposed some disturbingly poor password security practices.

The survey, published by LogMeIn, reported that most people believe they are knowledgeable about the risks of poor password security; however, they are not using that knowledge to protect themselves from cyber threats.

The survey reports:

  • 91% of respondents said that they know using the same or a variation of the same password is a risk, but 66% said they almost always use the same password for their various account logins.

  • 80% of those surveyed agreed that having their passwords compromised is something that they are concerned about, and yet 48% said if it’s not required, they never change their password

While it is clear that people are knowledgeable of the need for proper password security, much of that knowledge is not being put into practice. Why?

Many seem unaware of the potential threats that weak passwords pose. Technology like biometrics in personal devices has made it easier to avoid text passwords all together. Many are comfortable using the “forgot password” link whenever they get locked out of an account and criminals are more than aware of this. This line of thinking is understandable but misguided. Reusing the same password across all or most of your accounts means that if a hacker gains access to one of your accounts, they have access to all of your accounts. If you use the same passwords at home and at work, you’re putting UBC at risk for a breach as well.

Many of us don’t realize how much of our lives are online. When asked how many online accounts they had, 71% of respondents said somewhere between 1 and 20. However, according to anonymized data from a popular password manager application, most users actually had closer to 40 online accounts! Each account represents a possible vulnerability point that can be breached by cyber criminals.

When a criminal is successfully able to hack into a large consumer site and steal customer information from the sites database, often the first thing that criminal will do is attempt to use the compromised user information to login to a more important site, online banking for instance.

What can you do? Keep your online accounts safe by reviewing the extensive information available to UBC staff and faculty on the Privacy Matters website about creating and maintaining strong passwords.