A survey of UK citizens has revealed a range of poor cybersecurity practices that could expose both personal and corporate data.
According to TheHackShield, people often reuse the same password across multiple services, create passwords that are relatively easy to guess with a little social engineering, and will wait for years before updating account credentials.
The cybersecurity firm recently polled 2,200 UK adults and discovered that two-thirds of people use just three passwords across all their online accounts, which usually number about 50. Almost half of the respondents (48%) use the same password for both personal and professional services.
Drilling deeper into their most popular choices, street names (20%), pet names (15%) and special dates (14%) were the most common passwords - all of which can be obtained relatively easily via social engineering.
Only 5% of people regularly update the passwords on their key accounts, in order to remain secure. The rest take seven years on average to change a password and, when they do it, it’s often due to “clear signs of hacking”.
Even when they are warned about poor cybersecurity hygiene, most people don’t do much about it. The majority (71%) of iPhone owners ignore alerts designed to notify the user if a password has been compromised in a data breach.
Keeping old passwords is risky
Although convenience likely factors into this behavior, the report found that most (51%) are afraid they will forget new passwords, while some (29%) said they couldn’t think of anything secure enough.
Commenting on the report, Nikhil S. Mahadeshwar, co-founder and CTO at Skynet Softtech, explained why it’s essential to regularly update passwords:
“Changing your password regularly is vital to staying safe online. Changing your password once a month will help to dramatically reduce your chances of becoming a victim of hacking,” he said.
“You can also use two-step authentication and RSA hardware token, which looks like a flash drive to safeguard your password. Whenever you get a notification or alert to change your password, do so immediately, otherwise, your valuable information could fall into the wrong hands.”
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.