Passwords remain a problem for everyone
Posted on 20 May 2014.
Passwords remain a problem even for tech-conscious consumers. In an F-Secure poll, 43% of respondents report using the same password for more than one important account – a big no-no for proper password hygiene.

58% of poll respondents have over 20 password-protected online accounts or simply too many too keep track of. 27% have between 11 and 20 password-protected accounts and 15% have under 10. But even with so many accounts, just 40% use a password manager to keep track of them.

Encouragingly, 57% of poll respondents changed passwords after hearing about Heartbleed. Of poor password habits, the most common was using the name of a family member. The next most common poor password habit was using a pet name, and then using generic passwords like “Password” or “123456.”

Post-Heartbleed, it’s especially important to pay some attention to passwords. But getting all one’s passwords in order – setting a unique, strong password for each individual account – can seem like too big a job, which is why many aren’t doing it.

There’s a lot of advice out there on how to generate and manage passwords. What’s the average person to do? Sean Sullivan, Security Advisor at F-Secure shares the one fundamental tip that everyone should remember: “Identify the critical accounts to protect, and then make sure the passwords for those accounts are unique and strong.”

Sullivan’s advice takes into account the fact that many people have accounts for services where little personal information is stored. “If you created an account for some website and there’s hardly anything more in there than your username and password, then that’s probably not a critical account,” he says. “But your Amazon account with your credit card info, your bank account, your primary email accounts, the Facebook account with your life story, these are examples of the critical ones. If you don’t have time or inclination to tackle everything, at least take care of those.”

A prime example of a critical account is an email account that is used as the point of contact for password resets on other accounts. For these “master key” accounts, it’s a good idea to activate two-factor authentication if available.

But how to protect those critical accounts? Use a secure password manager which stores passwords, usernames and other credentials so you can access them through one master password.





Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals it’s our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Sep 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //