Bad habits still compromise passwords
The more we do online the more passwords we have to remember and it's tempting to take shortcuts. A new survey by security specialist F-Secure reveals that 43 percent of respondents use the same password for more than one important account.
The sheer number of accounts we have is a problem also. 58 percent of poll respondents say they have over 20 password-protected online accounts or simply too many to keep track of -- 27 percent have between 11 and 20 password-protected accounts and 15 percent have under 10. Despite this though only 40 percent use a password manager to keep track of them.
Poor password choices such as using pet names are still common, but encouragingly 57 percent of respondents say they changed their passwords after Heartbleed.
If you have a lot of accounts, setting a unique, strong password for each one can seem to be a daunting task which is why many people fail to do it. Sean Sullivan, security advisor at F-Secure suggests, "Identify the critical accounts to protect, and then make sure the passwords for those accounts are unique and strong".
This takes account of the fact that you may have accounts where little important information is stored. "If you created an account for some website and there's hardly anything more in there than your username and password, then that's probably not a critical account," says Sullivan. "But your Amazon account with your credit card info, your bank account, your primary email accounts, the Facebook account with your life story, these are examples of the critical ones. If you don’t have time or inclination to tackle everything, at least take care of those".
Particularly critical are email accounts that are used as password reset addresses for other services. For these "master key" accounts it's a good idea to use two-factor authentication if possible.
The company suggests using a password manager like its F-Secure Key which is free for a single device or can synchronize using a secured connection for a monthly fee.