No one wants to get hacked. Most of us want to take reasonable precautions to keep our money and our personal information safe. So why are we so bad at practicing the very password security habits that will protect us? Unfortunately, the fear of hacking often isn’t strong enough to overcome the fear of dealing with stronger passwords. But you don’t have to settle for simple, insecure passwords – you can have stronger passwords and have peace of mind about logging in to your accounts, too.
Easy to remember means easy to guess
In our recent Psychology of Passwords report, we found that one of the biggest mistakes people continue to make is using passwords that are easy to remember – and therefore too easy to guess. We surveyed 3,250 respondents from the US, UK, Australia, Brazil, Germany and Singapore and the results were alarming.
Nearly a quarter of respondents (24%) said their password contains sensitive information, and 29% also responded that they “have a personal “system” for creating passwords (e.g. they use the name of the account plus numbers that have a meaning to them, they use different variations of the same dates, etc.).
Unfortunately, humans are really bad at coming up with “systems” that will outsmart hackers and their computer algorithms. All those fun quizzes and games of 40 questions you’ve been playing on Facebook? Your responses are a data goldmine for someone who wants to social engineer their way into your accounts. Birthdays, anniversaries, names, pets, and more all make terrible passwords. When your passwords are so simple and personal, it’s all too easy for a would-be hacker to take advantage.
It’s not surprising then that 22% said they could guess their significant other’s password, too. Of the people that said they could guess their significant other’s password, 71% could guess their email password, 68% their social media accounts, and 33% their financial accounts. Even 19% claimed they could guess their significant others’ work-related passwords!
The problem is, if your significant other can guess your passwords, chances are someone else could, too.
Fear makes you do silly things
When asked why they continue to use guessable passwords despite warnings not to, most people say they do it because they’re afraid. 60% says they’re afraid of forgetting their login information. 52% also say they want to be in control and know all their passwords. In summary, if every password were to be long and unique like the security experts recommend, people are afraid they would forget them, and have to deal with the nuisance of resetting them frequently!
The fear is preventing you from doing what you know you have to do. The fear makes you think it’s better to use simple, memorable passwords that are the same or mostly the same across all of your accounts. It feels safe, because it feels like you have more control, but that control is just an illusion. In fact, you’re putting yourself at higher risk of hacking and account takeovers, which could cost you a lot of money, time, and a huge violation of your personal privacy.
Creating all passwords with a password generator
The best way to avoid guessable passwords is by using a password generator to create every single password. A password generator relies on a computer algorithm – not faulty human logic! – to create totally unique, long, strong passwords. Every single account can have its own password. No two accounts need to share a password.
But what about remembering all of those passwords? A password manager is perfect for safely storing passwords and retrieving those passwords when you need them. Most password managers, like LastPass, will detect login forms and fill login information for you, so you don’t even have to think about the password you need or go look it up. Accounts are stored in a searchable, easy-to-use digital vault, so you can feel in control of all of your passwords at all times, no matter what device or browser you’re using.
With so much of our work and socializing moving online now, it’s more important than ever to ditch bad password practices. View our full Psychology of Passwords infographic and report to discover more ways your peers are putting themselves at risk online. Are you falling into any of the same traps?