You are here  IT Management Risk Management

PC users' passwords habits leave them vulnerable

PC users' passwords leave them vulnerable

Warwick Ashford
Tuesday 09 October 2007 12:16

Nearly one in five PC users in the UK is making themselves vulnerable to online fraud or identity theft because ofpoor password habits,according to research by Ciao Surveys.

The survey, commissioned by security technology firm McAfee, showed that 16% of UK respondents use the same password to access all their online accounts.

This is compounded by the fact that 41% never change their passwords, 16% change passwords only once a year and 13% do so only every six months.

"Around 90% of consumers are willing to spend money on anti-virus software, but relatively few follow good password practice, which provides security for free," said Greg Day, security analyst at McAfee.

The survey of 3,500 European PC users also revealed that many PC users are ignoring expert advice to use longer, more complex alpha-numeric passwords. Some 22% of Britons are still using passwords of less than seven characters, and 18% are still using only letters.

The survey showed the Germans had the most secure passwords with 34% claiming to use a combination of upper and lower case letters as well as numbers and the French the least secure, with 37% using letters only for passwords.

"Security is a combination of technology and social awareness, but while most people know not to share their bank card personal identification numbers with others, the survey shows many do not translate those same common sense factors into the IT world," said Day.

Half of UK respondents said they registered their details online at least once every day and 16% said they needed a password up to 30 times a day.

"The sheer number of passwords needed means people are resorting to using fewer and more obvious passwords, but this is a relatively easy security problem to solve," said Day.

He said changing passwords regularly only for things like internet banking with important data behind them, would immediately cut the volume of passwords.

"People could also use keyboard patterns to remember passwords or single sign on software tools to provide a single master password, while storing multiple account passwords securely," he said.