51% of consumers share passwords
Posted on 20 August 2014.
Consumers are inadvertently leaving back doors open to attackers as they share log in details and sign up for automatic log on to mobile apps and services, according to new research by Intercede.

While 52% of respondents stated that security was a top priority when choosing a mobile device, 51% are putting their personal data at risk by sharing usernames and passwords with friends, family and colleagues.

The survey of 2,000 consumers also questioned whether these passwords are strong enough to adequately protect consumers’ applications and the data they hold. Half of respondents stated that they try and remember passwords rather than writing them down or using password management solutions, suggesting that consumers are relying on easy to remember combinations and using the same password across multiple sites and devices.

Richard Parris, CEO of Intercede commented: “As we live more and more of our lives online, all our various digital identities need to be effectively protected – worryingly, it appears that this is not the case at the moment. We need so many passwords today, for social networking, email, online banking and a whole host of other things, that it’s not surprising consumers are taking shortcuts with automatic log ins and easy to remember passwords. These solutions are increasingly not fit for purpose though – they do not offer proof of a person’s identity and are easily lost, stolen or hacked, leaving consumers at risk of identity theft. It’s time for stronger authentication and more sophisticated forms of identity.”

The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

Worryingly many consumers are also compromising their bank and credit card details by selecting ‘Remember me’ or ‘Keep me signed in’ options. Of those that use Amazon and other shopping sites, 21% said they were automatically logged in, while the figures stood at 16% for mobile banking and 12% for PayPal.

“Keeping your Facebook, Gmail, shopping and financial accounts automatically logged in might be convenient for consumers, but it’s leaving the back door wide open to hackers,” continued Parris.

“Consumers are more wary about clicking ‘Remember me’ when it comes to online banking and financial apps, but cyber criminals don’t necessarily need access to your bank account or credit card details to commit identity theft. There are plenty of rich pickings available in email and social media accounts too. Leaving yourself automatically logged in is like leaving the windows of your house wide open while you’re out – it’s time for a new generation of secure identity authentication for all our digital identities.”

For more information about passwords read Passwords: Real-world issues, tips and alternatives and Successful strategies to avoid frequent password changes.





Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //