The AP released a story today that roughly half of the people in a survey said they use the same password for all their online accounts. And for cyber crooks, that makes stealing your identity a cinch.
I mix around the same few phrases and numbers between different accounts, but for the most part, no two are exactly the same. My banking, social networking and e-mail passwords are more complicated than passwords for non-important things, which I keep the same. And my work passwords are a whole different combo string of phrases.
I have a laptop that uses a fingerprint scanner to login to Windows, and I can use it to log into webpages so that hackers can't track my keystrokes. The other day it stopped working. But I never wrote down what my backup typed password was! Luckily I just kept trying about seven different word and number combos that I've used in the past until I could guess it. But I'm glad I did guess it, because it was a combo that I've never used for anything before.
What are your password habits? Do you have a different password for everything? Are they usually similar with a few numbers that make them different? Do you write them down? I have a password book where I keep everything, but if someone finds it with intent to do harm, I'm toast. However, I won't write down my bank passwords in that book, just in case.
Here's the story from the Associated Press:
By JORDAN ROBERTSON
AP Technology Writer
SAN FRANCISCO -- Using the same password for multiple Web pages is the Internet-era equivalent of having the same key for your home, car and bank safe-deposit box.
Even though a universal password is like gold for cyber crooks because they can use it to steal all of a person's sensitive data at once, nearly half the Internet users queried in a new survey said they use just one password for all their online accounts.
At the same time, 88 percent of the 800 people interviewed in the U.S. and the U.K. for the survey by the Accenture consultancy, which is to be released Thursday, said personal irresponsibility is the key cause of identity theft and fraud.
Researchers say the findings suggest that many users underestimate the growing threat from organized cyber criminals who can reap big profits from selling stolen identities.
"There's a lot of confusion out there - a lot of people don't think there's a problem," said Robert Dyson, a senior executive in Accenture's global security practice. "There's still the kind of head-in-the-sand situation: 'My identity hasn't been stolen. I don't know anybody who's had their identity stolen. So it must not be happening.'"
Dyson said the problem with repeating passwords is that a hacker who successfully breaks into one account then has an easy time guessing how to get into all the user's other accounts.
Many users repeat passwords so they don't forget them, which shows in another finding that 70 percent of survey respondents in the U.K. said they don't write down their passwords, versus 49 percent in the U.S.
Only seven percent of the respondents said they change their passwords often, use password management software or use a fingerprint reader to access their machines and accounts.
The survey looked at people who used a computer at home, have high-speed Internet access and go online at least twice a week for something other than checking e-mail. The respondents were selected at random and questioned over the telephone. The mean age was 46.
The survey's margin of error was plus or minus 3.5 percent for the total sample and plus or minus 4.9 percent for U.S. and U.K. samples.
Accenture noted that the results represent the behavior of a random sample of this subgroup of Internet users, not the overall general pool of U.S. and U.K. consumers.