The average UK adult has 32 different online accounts, the majority of which require a password as the main method of access. But a report from the National Cyber Security Centre (NCSC) suggests many are still too easy to crack.
It is widely known that passwords containing characters that don’t form words, and include numbers and special symbols are generally more difficult for others to guess or decode. However, it would appear too many of us still don’t heed the warnings.
The usual suspects…
The report from NCSC notes that ‘password’, though often parodied as all-too-obvious, has allowed fraudsters gain access to 3.6million accounts worldwide. Similarly, ‘qwerty’ gave access to 3.8 million accounts. Far outnumbering them both, however, with some 23.2 million accounts using it as their password, was ‘123456’.
It was also noted that under half of those surveyed by the NCSC do not use a strong, separate password for their email account.
When one thinks of fraudulent activity and account hacking on the web, it’s tempting to think of shady individuals in darkened rooms working on computer code for hours on end. The reality that NCSC’s report highlights is that for a large proportion of online accounts, accessing them is no harder than trying a very few, rather obvious options.
Users are aware of the threat, but do they care?
The findings seem at odds with the perceived threat of malicious online activity by British internet users. According to the report, 42% expect to be the victims of internet fraud by 2021, with 89% using the internet to make purchases.
It appears that while conscious of the threat posed by poor online security, many would rather choose to use passwords that, while making users more likely to be the victims of fraudsters, are easily memorable.
Tips for a safer password:
- Two step authentication: This method uses two parameters: a password and a PIN code. If you log in on a laptop that does not belong to you, you will need to enter a PIN code. You will receive this PIN code on your smartphone. This will give your account extra security.
- Facial recognition & fingerprint scan: New devices have the possibility to unlock devices using facial recognition. There, the risk is smaller because hackers also have to run off with your device in order to do something with it. With fingerprint scan, you can log into your bank app using the finger scanner of your smartphone. This is also safer than a password, because the fingerprint is unique.
- Complex password: Choose a different password for each account. And don’t forget to change it regularly. You can also opt for a longer password, for example a sentence that doesn’t make sense. Something like: “The yellow chair is in the house.”
Original article from Tech Data Newsflash, edited by TDConnect editors