Weak passwords put people at risk, study says
www.chinaview.cn 2009-09-04 19:56:47   Print

    BEIJING, September 4 (Xinhuanet) -- Internet users are leaving themselves open to security risks by adopting weak passwords, a new study reveals.

    British insurer CPP said that too many people are using things like memorable dates, names of their children and are even sharing them with friends and colleagues. The survey also found that some 46 percent were even using the same password to login to banking, shopping and social networking sites.

    More worrying was that of 1,661 Britons questioned, nearly 40 per cent of adults admitted that at least one other person knows their passwords, ranging from children, colleagues and friends. With phishing and smishing attacks, as well as malicious software attacks, on the rise, consumers and Internet users need to be more careful with their personal data.

    Phishing is the process whereby criminals attempt to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity, such as a banking website or email.

    Smishing is also becoming more common with unsuspecting members of the public tricked into giving up sensitive information. Similar to phishing, smishing uses cell phone text messages or sometimes phone calls to initiate the attack.

    An average person may visit up to 23 different sites that require a login, and they are becoming an increasing target for fraudsters.

    The survey even found that some 39 percent of its respondent thought that someone else had logged in to a website with their details. The threat is particularly real with around 18 percent saying goods had been bought illegally in their name, and one in eight reported to having had money stolen with the average sum being over 1,000 pounds (1,632 U.S. dollars). Around 5 percent reported having their identity stolen.

    The excuse many gave in using the same passwords across sites was that they found them too difficult to remember. Others say they were afraid of forgetting passwords and being locked out.

    But Sarah Blaney, identity theft expert at CPP, said: "No sensible person would use the same key for their house, car and garage. In the same way, we shouldn't use the one password for everything. If possible people should use multiple passwords with a combination of letters and numbers, which should be difficult to crack."

    Robert Schifreen, a reformed computer hacker and author of the best-selling book "Defeating The Hacker", says that a different password should be used for every website that someone signs up to.

    "An online fraudster who manages to find your single password will have the keys to your entire online life," Schiffreen says. He advises people never type their credit card number, or any other confidential information, into a web site that doesn't have the closed padlock symbol to show the data is being encrypted. Antivirus software subscriptions should also be kept up to date he says.

    The most popular passwords were pet's names, chosen by 18 percent of those questioned. Around 12 percent chose birthdays as a memorable date while around 10 percent chose their children's names as a login.

    In July Twitter's accounts were compromised after a French hacker guessed the password belonging to one of its employees. It was in fact simply 'password'.

    (Agencies)
Editor: Rob Welham
Related Stories
Home Sci & Tech
  Back to Top