Persistent Password Problems: Why We Keep Reusing Compromised Passwords Despite Risks
Persistent Password Problems: Why We Keep Reusing Compromised Passwords Despite Risks
Hackers are trying to steal your cryptocurrency with cheap and easy malware
Hackers are trying to steal your cryptocurrency with cheap and easy malware
Video Player is loading.
Play Video
PlaySkip BackwardSkip ForwardNext playlist item
Mute
Current Time 0:00
/
Duration 8:24
Loaded: 1.16%
0:00
Stream Type LIVE
Seek to live, currently behind liveLIVE
Remaining Time -8:24
1x
Playback Rate
Chapters
- Chapters
Descriptions
- descriptions off, selected
Captions
- captions settings, opens captions settings dialog
- captions off, selected
- Eng US
Share
Audio Track
- en (Main), selected
Fullscreen
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
TextColorWhiteBlackRedGreenBlueYellowMagentaCyanOpacityOpaqueSemi-Transparent
Text BackgroundColorBlackWhiteRedGreenBlueYellowMagentaCyanOpacityOpaqueSemi-TransparentTransparent
Caption Area BackgroundColorBlackWhiteRedGreenBlueYellowMagentaCyanOpacityTransparentSemi-TransparentOpaque
Font Size50%75%100%125%150%175%200%300%400%
Text Edge StyleNoneRaisedDepressedUniformDrop shadow
Font FamilyProportional Sans-SerifMonospace Sans-SerifProportional SerifMonospace SerifCasualScriptSmall Caps
ResetDone
Close Modal Dialog
End of dialog window.
Close Modal Dialog
This is a modal window. This modal can be closed by pressing the Escape key or activating the close button.
This is a modal window. This modal can be closed by pressing the Escape key or activating the close button.
Share:
Direct LinkEmbed Code
Close Modal Dialog
Passwords are a problem that big tech is trying to fix but they are still essential for accessing pretty much anything online. And even now people aren’t changing them after a breach and then still use the same password to access multiple sites.
SpyCloud, a security firm, highlights in a new report how people are struggling with passwords for multiple online accounts. Based on 1.7 billion username and password combinations it gathered from the 755 leaked sources in 2021, it estimates that 64% of people used the same password exposed in one breach for other accounts.
Privacy
- How to delete yourself from internet search results and hide your identity online
- The best browsers for privacy
- Samsung’s smartphone ‘Repair Mode’ stops technicians from viewing your photos
- Are period tracking apps safe?
Reused passwords are a potential security problem because if a password has been compromised once then hackers can use it to access other accounts if it’s been used as the sign-in for another site.
SEE: Cybersecurity: Let’s get tactical (ZDNet special report)
People also continue to pick bad passwords. This habit is common, with the leading examples remaining “123456”, “qwerty”, “admin”, and “password”.
SpyCloud, which focused on reused passwords, found an uptick in passwords based on content from online streaming services such as Netflix and Disney+. The top ‘pop culture’ password was Loki, followed by Falcon and Wanda.
Of the passwords it scooped up in publicly available breaches from 2021 and earlier, 64% were used for multiple sites today.
SpyCloud’s definition for password ‘reuse’ is a bit fuzzy and only shows likely trends. For example, it counts reuse samples as credentials it collected in a leak at one point in time that were observed in subsequent leaks it had access to. That doesn’t mean that people were necessarily using the same password at a given point; only that the same password combination was observed in data breaches it had access to over a given period.
“For users we can tie to breach exposures in 2021 and prior years with the same email address or username explored, 70% were still reusing the same exposed passwords,” it notes.
While the statistics are imprecise, the company does point out a trend that many people would be familiar with. That is that people have so many online accounts that they can’t remember good passwords and most people are not using password managers for Windows , macOS and Android. Apple’s built-in password manager is KeyChain, but third-party apps for Windows, macOS and mobile devices include LastPass and Dashlane.
ZDNET Recommends
Arguably the single best answer to securing a computer when a password has been compromised is to use multi-factor authentication (MFA). It means a remote attacker needs physical access to a second factor, such as the legitimate user’s smartphone.
But even Windows-maker Microsoft has found that only 22% of enterprise customers that can implement MFA actually do it . That’s despite Microsoft sharing that 99% of compromised Microsoft accounts didn’t have MFA enabled.
And for anyone who might be perplexed by passwords, it should be remembered that even top engineers at Microsoft struggle with what it admits is a human problem. Only three years ago, Microsoft dropped its Windows policy for passwords to be changed every 60 days . That’s because when we change passwords, too often we only make a small and predictable alteration to the existing passwords – or forget the new ones.
Security
The best VPN services of 2024: Expert tested
How to turn on Private DNS Mode on Android (and why you should)
The best antivirus software and apps you can buy
The best VPN routers you can buy
How to find and remove spyware from your phone
- The best VPN services of 2024: Expert tested
- How to turn on Private DNS Mode on Android (and why you should)
- The best antivirus software and apps you can buy
- The best VPN routers you can buy
- How to find and remove spyware from your phone
Also read:
- [New] 2024 Approved Gratis Android Capture Free Your Device's Potential
- [Updated] 2024 Approved Make Your Discord Conversation Stand Out with Pins
- [Updated] 25+ Best Practices for Crafting Witty Metaverse Visual Jokes
- [Updated] Captivating Books in Video Form
- [Updated] Free Cam Software Roundup Innovation at Your Fingertips
- [Updated] In 2024, The Ultimate Guide for Audio Editors Using GarageBand
- 4 solution to get rid of pokemon fail to detect location On Honor 100 Pro | Dr.fone
- Approach
- Discover the Ultimate Selection of Top-Rated, No-Cost Video Editors | CNET
- Engineer's Innovative Tool Challenges the Giant - Unveiling How It Continuously Shames McDonald's Strategies
- Future of AI Innovations in the Coming Years - Insights & Predictions | ZDNet
- How to Unlock Oppo Phone without PIN
- In 2024, 5 Ways to Track Realme Narzo N55 without App | Dr.fone
- Innovating NLP: How Sony Research Is Joining Forces with AI Singapore, Spotlighted by ZDNET
- Joint Venture Between Sony Research and AI Singapore Accelerates Creation of Next-Gen Language AI Systems
- The Complete Fix: Dealing with the 'binkw32.dll' Missing File Problem
- Top Rated Electronic Signature Solutions - Insights From ZDNet
- Urgent: Microsoft Faces Critical Challenge with Windows 11 - Just One Year Left! [ZDNet Exclusive]
- Why Embracing Low-Code Tech Boosts Employer Branding - ZDNet Analysis
- Title: Persistent Password Problems: Why We Keep Reusing Compromised Passwords Despite Risks
- Author: Matthew
- Created at : 2024-11-12 03:04:09
- Updated at : 2024-11-14 00:31:55
- Link: https://app-tips.techidaily.com/persistent-password-problems-why-we-keep-reusing-compromised-passwords-despite-risks/
- License: This work is licensed under CC BY-NC-SA 4.0.