The majority of people can guess a friend or partner's passwords successfully

(Image credit: italii Vodolazskyi / Shutterstock)

The majority of people who tried to guess the password of someone close to them succeeded, a new report from digital identity firm Beyond Identity has found.

After polling 1,015 people on their security-related habits, the company found that more than a third had tried to guess the password of someone close to them. 

Sometimes it’s their significant other, sometimes their children, and sometimes, their coworkers and bosses - but most of the time (in 73% of cases), they succeed.

The tactics differ, but usually, all they do is sift through their target’s social media and then use the knowledge found there, to try and guess their password. 

Sometimes, they would just use whatever knowledge they already had, to try and guess the code, with unlocking phones and gaining access to email accounts the biggest attractions. 

Pets make for poor passwords

In many cases, people would use the names of their pets as passwords, with the average password length being 15 characters.

A quarter of respondents (27%) said they used random letters as their passwords, while just below a third (30.7%) use random characters to replace certain letters. Generation X was the most likely to use a password generator, while half of the baby boomers never used such a tool.

To make matters even worse, people often don’t even need to try and guess passwords - people will share them, willingly. The report also found that half of the respondents shared access to video and music streaming accounts, while a quarter (25.7%) even shared passwords for online banking services.

On average, people share three passwords with others.

All of this, Beyond Identity concludes, makes it unsurprising that 18% of people had their online banking accounts compromised or hacked. Besides using strong passwords, users are advised to turn on multi-factor authentication whenever possible, as well as biometric authentication (fingerprint scanners or facial recognition technology). 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.