As the number of accounts needed for all of the online services we use every day has skyrocketed in recent years, password reuse (opens in new tab) continues to remain a huge problem for both consumers and businesses according to a new report from SpyCloud.
The cybersecurity firm's new 2022 Annual Identity Exposure Report (opens in new tab) sheds light on how users still continue to reuse passwords across multiple online accounts as opposed to using a password generator (opens in new tab) or even a password manager to create strong, unique passwords for each of the online services they use.
Over the course of last year, SpyCloud says it recaptured over 15bn credentials and personally identifiable information (PII (opens in new tab)) from cybercriminals which is a 200 percent increase from the assets it recaptured in 2020. With this information in hand, cybercriminals can commit identity theft (opens in new tab) and other types of fraud that impact both businesses and consumers alike.
To make matters worse, many of the credentials recovered by SpyCloud had previously been exposed in past data breaches and leaks.
Despite an increase in knowledge about password hygiene (opens in new tab), users continue to pick bad passwords that are incredibly easy to guess such as “123456 (opens in new tab)”, “qwerty”, “admin” and “password”. SpyCloud also found that more people are basing their passwords off of content from streaming services (opens in new tab) like Netflix and Disney+ with Loki, Falcon and Wanda being the top pop-culture-themed reused passwords.
Of the passwords it recovered from publicly available data breaches and leaks in 2021 and from previous years, 64 percent are still being used across multiple accounts. SpyCloud also found that 70 percent of users whose credentials were part of a data breach or leak are still reusing the same exposed passwords.
> Microsoft is hoping to make it tougher to steal Windows passwords (opens in new tab)
> For some reason, these are still the most popular passwords around (opens in new tab)
> Even Fortune 500 businesses have poor password hygiene (opens in new tab)
Even if you don't want to upgrade to premium password manager, these days you can use a browser (opens in new tab) like Google Chrome (opens in new tab) to create new, strong passwords for you and store them securely. With your credentials stored in Chrome, you can access and use them to log in to your online accounts on other devices such as your Android smartphone (opens in new tab).
As the number of online accounts required in our digital lives doesn't seem to be decreasing anytime soon, the responsibility of creating, remembering and securely storing all of your unique passwords falls on users themselves especially if they don't want to fall victim to identity theft or fraud.
- We've also highlighted the best password generator (opens in new tab) and the best password manager (opens in new tab)
Via ZDNet (opens in new tab)